What is the difference between Fixed, Ignored and False Positive?

When checking vulnerabilities, you have the option of marking a vulnerability as Fixed, Ignored or False Positive.

Fixed should be used when the vulnerability has been fixed by the developers. If the vulnerability is detected again, it will be re-opened and marked as Rediscovered.

Ignored should be used when you know about a vulnerability but do not want to be informed about it in the future. This status should be used with caution.

False Positive should be used on the rare occasion that a vulnerability is reported incorrectly by Acunetix. This status is used after the vulnerability has been verified manually. Kindly report False Positives to our support team.
