10 May 2022 08:39 AM
Hi there, Enterprise wide we have integrated SAST (sonarqube, checkmarx) and DAST (Qualys WAS, Qualys SSL) tools in our Azure devops CICD pipelines and these tools do generate false positives.
Is there feature to focus the devs to fix only most critical and most probable exploits/bugs/vulnerabilities?
11 Jan 2023 03:37 PM
@rswarnka were you able to find a solution to this? if so could you please share it with the community?
19 Jan 2023 02:22 PM
Hi @ChadTurner oops missed this chat, as of no, not yet, meanwhile moved away from this project. But would be interesting to see someone answer this in future. Thanks !