Auto-resolve vulnerabilities with source advisories marked as false positives

Release notes

This feature reduces noise in vulnerability reports by automatically resolving vulnerabilities that were created by Continuous Vulnerability Scanning from advisories that were later marked as false positives.

Problem to solve

Sometimes advisories are published and later updated to indicate that they were not valid threats. This presents a problem for users because they are forced to go back and manually resolve the vulnerabilities created from these advisories. Doing this automatically will free up security effort for valid findings.

Proposal

Publish a separate event on advisory ingestion that triggers a mass resolution of the vulnerabilities created from an advisory that is now marked as a false positive.
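A sketch of the proposed flow, added here as an illustration and not taken from the project's code. All class, event, source and state names are hypothetical. It assumes the event is published only when an advisory transitions to false positive, and that only still-open findings created by Continuous Vulnerability Scanning are resolved.

```ruby
# Added illustration: every class, event, source and state name is hypothetical.
Advisory = Struct.new(:id, :false_positive)
Vulnerability = Struct.new(:id, :advisory_id, :source, :state)

class EventBus
  def initialize
    @handlers = Hash.new { |h, k| h[k] = [] }
  end

  def subscribe(name, &handler)
    @handlers[name] << handler
  end

  def publish(name, payload)
    @handlers[name].each { |h| h.call(payload) }
  end
end

class AdvisoryIngestion
  def initialize(bus)
    @bus = bus
    @known = {} # advisory id => last ingested false_positive flag
  end

  # Publish only on the transition to false positive, so re-ingesting an
  # unchanged advisory does not trigger a second mass resolution.
  def ingest(advisory)
    was_fp = @known[advisory.id]
    @known[advisory.id] = advisory.false_positive
    @bus.publish(:advisory_marked_false_positive, advisory.id) if advisory.false_positive && !was_fp
  end
end

# Assumption: resolve only open (:detected) findings that CVS created from this
# advisory; findings from other scanners or already triaged are left untouched.
def auto_resolve(vulnerabilities, advisory_id)
  vulnerabilities.select { |v| v.advisory_id == advisory_id && v.source == :cvs && v.state == :detected }
                 .each { |v| v.state = :resolved }
                 .map(&:id)
end

# Constructed sample data: ADV-A is ingested, then marked false positive twice.
def run_constructed_demo
  vulns = [Vulnerability.new(1, "ADV-A", :cvs, :detected),
           Vulnerability.new(2, "ADV-A", :cvs, :dismissed),
           Vulnerability.new(3, "ADV-A", :pipeline_scan, :detected),
           Vulnerability.new(4, "ADV-B", :cvs, :detected)]
  bus = EventBus.new
  runs = []
  bus.subscribe(:advisory_marked_false_positive) { |id| runs << auto_resolve(vulns, id) }
  ingestion = AdvisoryIngestion.new(bus)
  [false, true, true].each { |fp| ingestion.ingest(Advisory.new("ADV-A", fp)) }
  { runs: runs, states: vulns.map(&:state) }
end
```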

Intended users

Feature Usage Metrics

Does this feature require an audit event?