October 16, 2023 TIL - DefectDojo Finding Statuses & How Each Status Affects Future Finding Statuses on (Re)Import-Scan
In DefectDojo, the status of an existing finding determines whether that finding is reopened when the same finding shows up again in a later (re)import-scan.
For example, a finding whose status is Inactive, Mitigated, False Positive WILL NOT be reopened (set back to Active) if it is found in future scans.
However, a finding whose status is plain Mitigated WILL be reopened (set back to Active) if it is found in future scans.
| Finding Status | Description | Impact to Future Finding Status |
|---|---|---|
| Active | When a finding is found in the current scan. Findings are typically set to Active automatically based on the reported results from each security scan. | Active findings keep the first/original finding set to Active, while all future instances of the same finding are set to Inactive, Duplicate. |
| Mitigated | When a finding in the current scan is manually set to Mitigated. | Manually setting the first/original finding status to Mitigated will automatically set the first/original finding status to Inactive, Mitigated. However, if the same finding is found in future scans, the finding will be reopened. When a finding is reopened, the first/original finding status will be set to Active and future instances of the same finding will be set to Inactive, Duplicate. |
| False Positive | When a finding in the current scan is manually set to False Positive. | Manually setting the first/original finding status to False Positive will automatically set the first/original finding status to Inactive, Mitigated, False Positive. If the same finding is found in future scans, the finding will not be reopened; the first/original finding status will remain Inactive, Mitigated, False Positive and future instances of the same finding will be set to Inactive, Duplicate. |
| Out Of Scope | When a finding in the current scan is manually set to Out Of Scope. | Manually setting the first/original finding status to Out Of Scope will automatically set the first/original finding status to Inactive, Mitigated, Out Of Scope. If the same finding is found in future scans, the finding will not be reopened; the first/original finding status will remain Inactive, Mitigated, Out Of Scope and future instances of the same finding will be set to Inactive, Duplicate. |
| Risk Accepted | When a finding in the current scan is manually set to Risk Accepted. | Manually setting the first/original finding status to Risk Accepted will automatically set the first/original finding status to Inactive, Risk Accepted. If the same finding is found in future scans, the finding will not be reopened; the first/original finding status will remain Inactive, Risk Accepted and future instances of the same finding will be set to Inactive, Duplicate. |
- Quick reference table for troubleshooting DefectDojo findings that unexpectedly reopen (or fail to reopen) after previously being closed
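The reopen rules in the table, modelled as a small Python state machine. This is an added example, not DefectDojo's own code; the flag names (`active`, `is_mitigated`, `false_p`, `out_of_scope`, `risk_accepted`, `duplicate`) are assumed for illustration, and `reimport()` models only what happens when the same finding is matched again in a later scan.

```python
from dataclasses import dataclass, replace

# Constructed model of the (re)import behaviour described on this page.
# Flag names are an assumption for illustration, not a DefectDojo API.
@dataclass
class Finding:
    title: str
    active: bool = True
    is_mitigated: bool = False
    false_p: bool = False
    out_of_scope: bool = False
    risk_accepted: bool = False
    duplicate: bool = False

def status(f: Finding) -> tuple[str, ...]:
    """Render the flag combination the way the table lists it, e.g. ('Inactive', 'Mitigated')."""
    labels = ["Active" if f.active else "Inactive"]
    if f.is_mitigated:
        labels.append("Mitigated")
    if f.false_p:
        labels.append("False Positive")
    if f.out_of_scope:
        labels.append("Out Of Scope")
    if f.risk_accepted:
        labels.append("Risk Accepted")
    if f.duplicate:
        labels.append("Duplicate")
    return tuple(labels)

def close(f: Finding, reason: str) -> Finding:
    """Manually close the original finding; each branch mirrors one table row."""
    if reason == "mitigated":
        return replace(f, active=False, is_mitigated=True)
    if reason == "false_positive":
        return replace(f, active=False, is_mitigated=True, false_p=True)
    if reason == "out_of_scope":
        return replace(f, active=False, is_mitigated=True, out_of_scope=True)
    if reason == "risk_accepted":
        return replace(f, active=False, risk_accepted=True)
    raise ValueError(f"unknown close reason: {reason}")

def reimport(original: Finding) -> tuple[Finding, Finding]:
    """The same finding appears in a new scan: return (updated original, new instance)."""
    sticky = original.false_p or original.out_of_scope or original.risk_accepted
    if original.is_mitigated and not sticky:
        # Plain Mitigated is the only closed state that reopens on reimport.
        original = replace(original, active=True, is_mitigated=False)
    # Every later instance of an already-known finding becomes Inactive, Duplicate.
    new_instance = Finding(original.title, active=False, duplicate=True)
    return original, new_instance
```

Running `reimport()` on a finding closed with each reason shows which closures survive the next scan and which get reopened.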