Hi there, Enterprise wide we have integrated SAST (sonarqube, checkmarx) and DAST (Qualys WAS, Qualys SSL) tools in our Azure devops CICD pipelines and these tools do generate false positives.
Is there feature to focus the devs to fix only most critical and most probable exploits/bugs/vulnerabilities?
@rswarnka were you able to find a solution to this? if so could you please share it with the community?
Hi @ChadTurner oops missed this chat, as of no, not yet, meanwhile moved away from this project. But would be interesting to see someone answer this in future. Thanks !