Batch edit Scan vulnerability status

When Contrast discovers a vulnerability during a scan, it assigns a status of Reported to the vulnerability. This status indicates that the vulnerability could be exploited.

You can change this status for multiple vulnerabilities, based on how you are managing them, to one of these values:

  • Confirmed: You've confirmed that the vulnerability is a true finding by reviewing the source code or exploiting it.

  • Suspicious: You've determined that the vulnerability appears to be a true finding based on the details provided, but it requires more investigation to determine its validity.

  • Not a problem: You've determined that the vulnerability doesn't require code changes.

    If you change the status to Not a problem, it never changes to Remediated or any other status, even if subsequent scans don't discover the vulnerability. To have the vulnerability assessed again, change the status to Confirmed or Suspicious.

Steps

  1. Select Scans in the header.

  2. Select a Scan project.

  3. Select the Vulnerabilities tab.

  4. Use the checkboxes on the left to select multiple vulnerabilities with the same status.

    You can select vulnerabilities with different types.

  5. In the batch action menu at the bottom of the page, select Status and select a status from the dropdown.

  6. If you selected one or more vulnerabilities of the same type, optionally select the checkbox to change the status of all vulnerabilities that match that type.

  7. Optionally, enter a comment in the Mark window.

  8. Select Change status.

Note

Changing the status for large numbers of vulnerabilities at the same time can take several minutes to complete. You can continue to make changes without waiting. Contrast displays a message when the change operations finish.