Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 26.1.0
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Administration Guide

    Home FortiCNAPP Administration Guide

    Exceptions example

    Exceptions example

    The following example demonstrates configuring a file path exception.

    In the AcmeApp GitLab repository, the app > views > messages folder is used to house configuration for notifications in your Acme application.

    Since it contains content being developed by your own organization, the AcmeApp content is scanned with SAST or IaC. However, some of the content in this messages folder can trigger false positive vulnerabilities. This file path can be added to the exceptions list so that it is excluded from the vulnerabilities list.

    To add the file path as an exception:

    1. Go to Code security > Exceptions.

    2. Click Add exception.

      1. Define the Vulnerability criteria.

      2. Select the Codespace that includes the AcmeApp repository.

      3. Set the Repository as AcmeApp.

      4. Enter the Criteria filepath as app/views/messages.

      5. Select the Scanner types.

    3. Define the Context:

      1. Set the Reason to False positive.

      2. Enter a comment to describe why this file path is being excluded from the vulnerabilities list.

    4. Click Save. The exception has been added to the Exceptions overview page.

    Previous
    Next

    Exceptions example

    Exceptions example

    The following example demonstrates configuring a file path exception.

    In the AcmeApp GitLab repository, the app > views > messages folder is used to house configuration for notifications in your Acme application.

    Since it contains content being developed by your own organization, the AcmeApp content is scanned with SAST or IaC. However, some of the content in this messages folder can trigger false positive vulnerabilities. This file path can be added to the exceptions list so that it is excluded from the vulnerabilities list.

    To add the file path as an exception:

    1. Go to Code security > Exceptions.

    2. Click Add exception.

      1. Define the Vulnerability criteria.

      2. Select the Codespace that includes the AcmeApp repository.

      3. Set the Repository as AcmeApp.

      4. Enter the Criteria filepath as app/views/messages.

      5. Select the Scanner types.

    3. Define the Context:

      1. Set the Reason to False positive.

      2. Enter a comment to describe why this file path is being excluded from the vulnerabilities list.

    4. Click Save. The exception has been added to the Exceptions overview page.

    Previous
    Next