Rejecting a False Positive

How to reject a false positive request in the RiskSense platform.

While vulnerability scanners can reliably identify flaws, misconfigurations, weaknesses, and missing patches, they are not infallible. For cases where a scanner identifies a vulnerability that is confirmed to not be present upon manual investigation, the RiskSense platform provides an option to mark that finding as a False Positive (FP).

Only managers and group managers can reject false positive requests.

To reject a false positive request, navigate to either the Network > Host Findings or Application > Application Findings page. This example shows how to reject a false positive request using the Network > Host Findings page.

Host Findings Menu Location

Select the FP Requested finding(s) you want to reject by clicking the check box in the page’s first column. You may select several vulnerabilities at a time when rejecting false positive requests. If you are having trouble finding false positive requests, see Filtering for False Positive Requests.

False Positive Reject - Selecting Host Findings

Click the Workflow button.

False Positive Reject - Workflow Button Location

In the Workflow drop-down menu, click Reject under the False Positive category. This option can be used for single and multiple vulnerabilities.

False Positive Reject - Reject False Positive Menu Location

You may also select a single vulnerability and right-click the line item to select workflow options from the pop-up menu. Note that the right-click option works only for a single row, as designated in the screenshot below.

False Positive Reject - Reject False Positive Right Click Menu Location

Clicking Workflow > False Positive > Reject brings up the Reject False Positive pop-up window.

False Positive Reject - Reject False Positive Window

In the provided text box, enter the reason for rejecting the false positive request. Once complete, click Apply.

When a false positive request is rejected, the state changes to Assigned, as shown in the screenshot below.

False Positive Reject - Assigned State