Modifying pre-filters for phase 1
Phase 1 uses pre-defined exclude filters to set findings as not interesting.
The pre-filtering mechanism uses exclusion type filters only and follows the format currently used in AppScan® Source. Exclude filters are located here:
<data_dir>\ml\scan_filters\exclude
-
All vulnerabilities are listed in vulnerabilities.off, located at:
<data_dir>\ml\scan_filters\Vulnerabilities.off
-
Vulnerabilities currently excluded during IFA as not interesting are listed in IFA1001.off, located at:
<data_dir>\ml\scan_filters\exclude\general\IFA1001.off
where <data_dir> is the location of your AppScan® Source program data, as described in Installation and user data file locations.
Modify lists by removing lines representing the vulnerability to be considered for the IFA machine learning process.