False Positive Attestations
Attestations let you mark findings as false positives with documented justification and controlled scope.
Attestation Scopes
- Tag-level — Applies only to a specific image tag
- Historical — Applies to all existing instances of this CVE
- Blanket — Applies to all current and future instances
Creating an Attestation
- Open a vulnerability detail sheet
- Click Attest as False Positive
- Select the scope and category
- Provide justification and evidence
- Set an expiration date (optional)
Audit Trail
All attestations are recorded with the creating user, timestamp, justification, and scope. Expired attestations are automatically flagged by the expiry worker.