FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

DevSecOps: Detecting false positives in SAST and DAST scans and prioritizing

rswarnka
Helper

‎10 May 2022 08:39 AM

Hi there, Enterprise wide we have integrated SAST (sonarqube, checkmarx) and DAST (Qualys WAS, Qualys SSL) tools in our Azure devops CICD pipelines and these tools do generate false positives. 

Is there feature to focus the devs to fix only most critical and most probable exploits/bugs/vulnerabilities? 

 

 

0 Kudos
Reply
2 REPLIES 2

ChadTurner
DynaMight Legend
DynaMight Legend

‎11 Jan 2023 03:37 PM

@rswarnka were you able to find a solution to this? if so could you please share it with the community? 

-Chad
0 Kudos
Reply

rswarnkar
Visitor
In response to ChadTurner

‎19 Jan 2023 02:22 PM

Hi @ChadTurner oops missed this chat, as of no, not yet, meanwhile moved away from this project. But would be interesting to see someone answer this in future. Thanks !  

0 Kudos
Reply
Ask a question

Featured Posts