Issue status
Issues can be classified as Open, In Progress, Noise, Reopened, Passed, and Fixed.
Class | Description |
---|---|
Open | All issues, including those issues that are imported from third-party scanners,
are set as Open by default when they are not yet triaged. Open issues
remain in that status until you manually change their status. However, if auto-close is enabled and
the issue was closed as part of a rescan, the issue's status is changed to
Fixed. Note: Issues found before February 2023 were
marked New, not Open. The status of New issues in these scans
will not be changed, unless they are found in a fresh scan. If found in a fresh
scan such issues will be set to Open. You can change the status of a
New issue to any other status, but cannot set an issue’s status to
New. |
In Progress | Classify an issue as In Progress when investigating if an open issue is an actual vulnerability that needs fixing, or should be marked as Noise or Passed. |
Fixed | Classify an issue as Fixed when it no longer represents a problem. If an issue marked Fixed is found again, its status is changed automatically to Reopened. |
Noise and Passed | Classify an issue as Noise or Passed to indicate that the issue is not relevant and should no longer be considered an issue. Noise often is used for false positive results. Passed typically is used when a subject matter expert determined that the issue, though present on the site, does not constitute a problem in the context of the current report. For example, the status can be useful when you are evaluating accessibility guidelines or regulations to avoid losing focus on the relevant issues. |
Reopened | Issues are automatically classified Reopened when they were previously fixed but occur again. |
New | This status was deprecated as of February 2023.All new issues are classified as Open. If you have New issues from previous scans, AppScan 360° recommends that you change them to Open. |
Triage workflow
The way you utilize issue status may depend on your organization and processes. Issues can be changed to Noise or Passed at any stage in triage. Once an issue is assigned one of these statuses it will not be reopened if found in a future scan, and will not be considered an Active issue (Open, In Progress, Reopened) when calculating Risk Rating.
Edit issue status
Select one or more issues in a list to edit their status together.
- Select all the issues you want to change, and click Edit
status.
Add a comment, to be included with all the edited issues. Optional.
Note: If any of the issues you selected are part of a fix group with the status Automatically apply to future issues, the change will not affect the status of those issues. Note that in the API and the audit trail user interface, Automatically apply to future issues is referred to as "StickyStatus" or "IsSticky".