Triage Status Definitions

SRM Triage Status definitions are as follows:
  • Not Triaged. (Not yet assigned a status.) The finding has not been assessed or categorized.
  • Fixed. The finding has been directly fixed in the current version of the software and is awaiting confirmation by a later scan, which would set the Finding Status to "Gone."
  • Mitigated. The vulnerability has not been fixed, but steps have been taken to reduce its impact or likelihood.
  • Ignored. The vulnerability has been deemed insignificant and does not currently warrant action.
  • False Positive. The reported finding is not an actual vulnerability. After review, it has been determined to be incorrect or misleading, and no action is needed.
  • To Be Fixed. The finding has been assessed and flagged as important and therefore needs to be fixed.
  • Reopened. The finding has been reopened per the analysis configuration settings. (See Analysis Configuration Options.)