Marking findings in the Crashtest Security suite

You can find the functionality to mark a detected finding as a False Positive on the last scan page of each scan target. Here you have three options; you can mark your finding as false positive, won’t fix or accept risk.

Crashtest Security Suite Marking Optinions

False Positive Marking

By Marking a finding as “False Positive” marking, you are telling the scanners that the finding is false positive, and you don’t want to see this finding again in the next scans.

Accept Risk

If you mark a finding as “Accept Risk,” you tell scanners that you are aware of the risk, and you do not want to see this finding in the next scans.

Won’t Fix

When you mark a finding as “Won’t Fix,” you inform the scanners that you are aware of the issue and the vulnerability is not fixable, so you do not want to see this finding on the next scans in the findings list.

After you mark a finding with any of these three options, you will be able to see them in the “Ignore Findings” table.

Crashtest Security Suite Markings Operation

On this page, you can see all the findings which you marked and also the ignored reason. In addition, you have an option to “Undo” the mark. If you click on the undo button, the finding will be seen in the findings list, and also it will appear for the next scans.

Identify Security Vulnerabilities in Your Web Apps and APIs