You can find information about false positives from the Current Vulnerabilities list and from the False Positive Request History list. All approved false positives expire in 90 days from the approval date. Once the false positive is expired, and after running another network scan that detects the vulnerability, submit a new false positive request for the vulnerability.
To search false positive requests for current vulnerabilities, go to Network > Vulnerabilities. Use the filter settings at the top of the page to find all vulnerabilities with associated false positive requests. Select the false positive status that you're interested in: Requested, Rejected, or Expired (was approved but expired after 90 days). The list of current vulnerabilities is dynamically updated to only show vulnerabilities that match your filter settings. (Note the Current Vulnerabilities list does not show false positives that are currently approved.)
To view details for all false positive requests submitted by all users in the False Positive Request History list, go to Network > False Positive History. You can search for false positives by QID, vulnerability title, status (Rejected, Approved, Requested, and Expired), host IP and days remaining for expiry (7, 10, 20, 30, 60 and None). We show future expiration dates for false positives that are approved. After a false positive is expired, the status of the false positive is changed to expired if you do not submit a new false positive request for the vulnerability.
You can configure how many days before the expiry of false positive requests you want to receive daily email notifications. To set expiry notification for false positives, go to Account > Settings and click Edit to edit the merchant information. Specify a value from 0 to 60 in the "False Positive expiry notification (in days)" field. Specify the value zero to disable notification. In the email, we will let you know the total number of false positive requests expiring and days remaining for expiry.