Suppressing/Unsuppressing Security Vulnerabilities

For various reasons, your site might want to suppress—that is, hide—a security vulnerability that is associated with one or more component versions used by your inventory. Once suppressed, the vulnerability is no longer published in reports, counted in vulnerability totals for inventory in projects, or automatically associated with inventory during future project scans in your Code Insight instance. For example, you might choose to suppress a vulnerability if you have taken remedial steps to protect your code against the vulnerability or if the vulnerability has proven to be a “false positive” (that is, is associated with an incorrect component version).

Likewise, you might want to unsuppress a security vulnerability that you have previously suppressed so that it is again visible and counted for inventory in projects.

Only a Code Insight System Administrator can suppress security vulnerabilities, monitor currently suppressed vulnerabilities, and unsuppress them as needed.

Any type of security vulnerability can be suppressed (and then unsuppressed when necessary):

Vulnerabilities retrieved from the Code Insight Data Library during scans or as open alerts
Custom vulnerabilities

The following sections provide more information about suppressing and unsuppressing security vulnerabilities:

Suppressing Security Vulnerabilities
Viewing Suppressed Security Vulnerabilities
Unsuppressing Security Vulnerabilities