Filtering for False Positive Requests

How to find false positive requests awaiting approval in the RiskSense platform.

While vulnerability scanners can reliably identify flaws, misconfigurations, weaknesses, and missing patches, they are not infallible.  For cases where a scanner identifies a vulnerability that is confirmed to not be present upon manual investigation, the RiskSense platform provides an option to mark that finding as a False Positive (FP).

To filter for false positive requests, navigate to either the Network > Host Findings or Application > Application Findings pages. For this example, we will show you how to filter for false positive requests using the Network > Host Findings page.

Host Findings Menu Location-2

To view all false positive requests, you will need to set up a filter. Click the Active Filter button in the upper-left corner of the page.

False Positive Filtering - Active Filter Location

If any filters are already applied, click Clear All. Set your filter using the following parameter and click Add.

False Positive Filtering - FP Requested Filter Configuration

The list view now shows all false positive requests awaiting approval on the page.

False Positive Filtering - Filtered FP Request Result