Availability (package): Invicti AppSec Core (on-demand), Invicti AppSec Enterprise (on-premise, on-demand)

Suppression rules

Suppression rules can be used to automatically mark vulnerabilities as False Positive, Won't Fix, or Mitigated based on specific conditions you define.

Rule creation and preview

When you create a new suppression rule, you can see the number of vulnerabilities the rule will affect before clicking the Save button.

The rule takes effect on existing vulnerabilities immediately after you click the Save button.

For vulnerabilities discovered afterward, Invicti AppSec updates the status of those vulnerabilities every 10 minutes.

Rule deletion behavior

Info: If a preset is deleted, Invicti AppSec stops checking for the related suppression rule and any future vulnerabilities won't be affected. However, the status of any vulnerabilities marked according to the deleted preset won't be reverted.

Preset logic

Info: The presets work with an "And" logic, which means that if one preset is applied to all projects and another preset is applied to projects with a specific label, both presets will be applied.

Project scope limitations

Caution: Only one preset that affects all projects can be created. Other presets must be associated with a label to indicate which projects will be affected.

How suppression rules work

  1. Define conditions: Set specific criteria for vulnerabilities to be automatically suppressed
  2. Choose status: Select whether to mark as False Positive, Won't Fix, or Mitigated
  3. Preview impact: Review the number of vulnerabilities that will be affected
  4. Apply immediately: Rules take effect on existing vulnerabilities upon saving
  5. Continuous monitoring: New vulnerabilities are evaluated every 10 minutes
