How to confirm a potential False Positive issue in AppScan Enterprise

Technote (FAQ)


How do you confirm a potential False Positive issue in IBM Security AppScan Enterprise, or how do you get additional explanations for a vulnerability?


You receive a vulnerability and you suspect the vulnerability is a false positive, and you want to confirm that, or you need additional explanations on the vulnerability.


Generate data for the vulnerability from AppScan Enterprise and upload the data to a support ticket as follows:

  1. Access the Security Issues report created for your scan.

  2. Click on the Issue id of the vulnerability in question to view the issue details.

  3. Select the Request\Response tab, and perform as follows:
    • Click Download Original HTTP Traffic... and save the file.
    • Do the same for Download Test HTTP Traffic...
    • Take a screenshot of the Request\Response page (showing "Issue Type" and "Variant Properties").
  4. Upload the data to your support ticket
    (as described in How to upload data to a support ticket).

Historical Number


Rate this page:

(0 users)Average rating

Add comments

Document information

More support for:

Security AppScan Enterprise

Software version:

8.0, 8.5, 8.6,, 8.8

Operating system(s):


Software edition:


Reference #:


Modified date:


Translate my page

Machine Translation

Content navigation