Accepting and rejecting mitigations

To accept or reject a proposed mitigation, you must have the Mitigation Approver role. To remove mitigations from the policy evaluation and security score calculation, you must accept all proposed mitigations.

To list all the applications that have proposed mitigated flaws, from the Applications page, select Show All Applications with Mitigations. The filtered list that appears lists any application that has a proposed, accepted, or rejected mitigation. From this list, you can select on any application to go straight to the Mitigated Flaws page for that application.