Suppressing/Unsuppressing Security Vulnerabilities
Code Insight 2021 R3
For various reasons, your site might want to suppress—that is, hide—a security vulnerability that is associated with one or more component versions used by your inventory. Once suppressed, the vulnerability is no longer published in reports, counted in vulnerability totals for inventory in projects, or automatically associated with inventory during future project scans in your Code Insight instance. For example, you might choose to suppress a vulnerability if you have taken remedial steps to protect your code against the vulnerability or if the vulnerability has proven to be a “false positive” (that is, is associated with an incorrect component version).
Only a Code Insight System Administrator can suppress a security vulnerability. The System Administrator can also monitor a list of suppressed vulnerabilities and unsuppress vulnerabilities as needed.
Note: Currently, vulnerabilities can be unsuppressed through the Code Insight REST interface only.
Any type of security vulnerability can be suppressed:
• Vulnerabilities retrieved from the Code Insight data library during scans or as open alerts
• Custom vulnerabilities
The following sections provide more information about suppressing and unsuppressing security vulnerabilities:
• Impact of Suppressing a Security Vulnerability
• Suppressing a Security Vulnerability
• Viewing Suppressed Security Vulnerabilities
• Unsuppressing Security Vulnerabilities