Remove low-efficacy or low-value rules from SAST rulesets
## Goal

Improve the first-time and ongoing user experience of ~"Category:SAST" by reducing false positive findings that users have to dig through.

See &10907 for associated preparation work, broader context, and further work.

## Scope

In scope:

- ~"Category:SAST" built-in rulesets.

Out of scope:

- IaC Scanning (see https://gitlab.com/groups/gitlab-org/-/epics/8040+ instead)
- ~"Category:Secret Detection"
- ~"Category:Code Quality", due to pending changes to scanning (&8161).
- Custom rulesets.

## Signs of success

- Reduced customer support/pre-sales/post-sales tickets, queries, or issues related to the number of false positive findings
- Fewer dismissed findings
- Smaller report artifact sizes

## Data/links

[Internal dismissed/resolved/confirmed findings dashboard (team members only)](https://app.periscopedata.com/app/gitlab/927624/Vulnerability-Info-False-Positives-Confirmed-Resolved-(Dismissed-Findings))
epic