Phill Vanderpool

Mark a finding as false positive

Discussion created by Phill Vanderpool on Aug 16, 2016
Latest reply on Aug 16, 2016 by rashaadragland

Does anyone have any experience with marking a finding as a false positive for a particular host? I have a host that flags on QID - 11489 - Unauthorized File Upload on one of our internal web applications. We have verified that what is occurring is that the application is accepting any data stream, issuing a 302 redirect, and then dropping the data. I'd like to mark this as a false positive in regards to this one host in particular in case a valid finding appears in the future. Is there a method for marking this as a false positive for one particular asset?
