False Positives

You can find information about false positives from the Current Vulnerabilities list and from the False Positive Request History list. All approved false positives expire in 90 days from the approval date. Once the false positive is expired, and after running another network scan that detects the vulnerability, submit a new false positive request for the vulnerability.

Search False Positive Requests

To search false positive requests for current vulnerabilities, go to Network > Vulnerabilities. Use the filter settings at the top of the page to find all vulnerabilities with associated false positive requests. Select the false positive status that you're interested in: Requested, Rejected, or Expired (was approved but expired after 90 days). The list of current vulnerabilities is dynamically updated to only show vulnerabilities that match your filter settings. (Note the Current Vulnerabilities list does not show false positives that are currently approved.)

View False Positive Request History

To view details for all false positive requests submitted by all users in the False Positive Request History list, go to Network > False Positive History. You can search for false positives by QID, vulnerability title, status (Rejected, Approved, Requested, and Expired), host IP and future expiration date.