Unify handling of multiple occurrences of a vulnerability within the same project

Summary

Some Security Product features are considering occurrences as distinct vulnerabilities (SAST, DS) while other are aggregating them into the same vulnerability (DAST). We need to define a consistent behavior and update our features accordingly.

We need to decide whether or not we should aggregate vulnerabilities occurrences and how we should do it.

Please note that this decision will impact how we are identifying a vulnerability across multiple projects too (e.g. for SNR improvement feature)

Proposal

TODO