FortWatch

Dismissing Issues

Dismissing Issues

Not every security finding requires immediate action. FortWatch's dismiss workflow lets you acknowledge an issue and set it aside with a documented reason, keeping your issue queue focused on what actually needs fixing.

When to Dismiss

Common reasons to dismiss an issue include:

  • The finding is a false positive — the scanner detected something that is not actually a vulnerability in your specific context.
  • You have an accepted risk — you are aware of the issue but have decided the risk is acceptable given your environment.
  • A mitigating control is in place — another security measure addresses the risk (e.g., a WAF rule, network segmentation).
  • The finding is not applicable — it does not apply to your use case or environment.
  • The finding is noise — a low-value detection that is not actionable.

How to Dismiss an Issue

  1. Navigate to the issue you want to dismiss.
  2. Click Dismiss.
  3. Select a dismiss reason from the available options: False Positive, Accepted Risk, Mitigating Control, Not Applicable, or Noise.
  4. Optionally add notes explaining your reasoning. This is recommended for audit trails.
  5. Set an expiry date (optional):
    • 30 days — The issue will be automatically reopened after 30 days for re-evaluation.
    • 90 days — Reopened after 90 days.
    • 1 year — Reopened after 1 year.
    • Permanent — The issue will remain dismissed indefinitely.
  6. Confirm the dismissal.

Expired Dismissals

When a dismissal expires, the issue is automatically reopened with Open status. This ensures that accepted risks are periodically re-evaluated rather than forgotten. The original dismiss reason and notes are preserved in the issue history for reference.

Best Practices

  • Always add notes when dismissing — your future self (or a teammate) will want to know why.
  • Avoid permanent dismissals unless you are absolutely certain the finding will never be relevant.
  • Use 90-day expiry as a default for accepted risks, so they are reviewed quarterly.
  • Review your dismissed issues periodically to ensure the reasons are still valid.

← Previous

Issue Lifecycle

Next →

Filtering and Searching