
Review Contrast Scan pending vulnerability status changes

If changing the status of a vulnerability that Contrast Scan reports requires approval, the status changes to Pending review. The status remains Pending review until you approve or reject the change request.

How Contrast Scan vulnerability approval works

  • When a user requests to change the status of any qualifying Scan vulnerabilities, Contrast sends an in-app notification to all users with the correct role, indicating that a review is needed. Each vulnerability status displays Pending approval until you submit a review of the request.

  • If a reviewer approves the status change, the status changes to the requested one.

  • If a reviewer denies the status change, they must provide a reason for denial. The status remains in its original state.

  • If you disable the feature, any pending reviews are automatically approved, so each affected vulnerability changes to its requested status.

Before you begin

  • You need the Organization Administrator or Organization RulesAdmin role.

Steps

  1. Select the link in your notification in the Contrast web interface, or select a Scan project and then select the Vulnerabilities tab.

  2. From the Status column filter, select Pending approval.

    Image shows the Pending approval filter selection.

  3. Use the check marks in the left column to select one or more vulnerabilities.

  4. In the batch action menu that appears at the bottom of the page, select Review. Then select Approve or Deny.