Sometimes, Security for Confluence will find vulnerabilities which are false positives, credentials which have already been revoked, etc. If this happens, you can review the finding. This marks the finding, as well as any other findings which exactly match it, as reviewed in the current and future scans.

In the dashboard (The Soteri Dashboard: Viewing Confluence's Overall Security Status), reviewed findings are not counted towards the total finding count when determining if a space is secure.

Reviewing a finding from the Scan Report

Click the Mark reviewed button on the finding you want to review to open the confirmation window.

Marking a finding as reviewed saves the exact string captured by the rule (in this case, xoxo-523423-234243-234233-e039d02840a0b9379c). That exact string will be marked as reviewed for all existing and future scans.

Once reviewed, the finding can be shown again with the “Show reviewed” toggle, where it can be unmarked.

Note that reviewed findings are scoped to a space – identical findings across multiple spaces must be reviewed separately.