After performing a Veracode scan of your application, you can use Veracode Static for Eclipse to propose mitigations for discovered flaws from within Eclipse.
- Potential false positive
- OS environment
- Network environment
- Mitigate by design
You can also accept or reject a flaw already flagged as mitigated. To comment on or mitigate a flaw in Eclipse:
- In Eclipse, select .
- In the Results window, in the Flaw ID column, select the checkbox next to one or more flaws that you want to mitigate.
- From the Actions dropdown menu, select a mitigation action and, then, click Mitigate.
- In the Flaw Mitigation Request window, enter your comments.
- Click Continue.
If you see an access denied error message when attempting to mitigate a flaw, check for
these issues, resolve them, and try to mitigate again:
- There is a policy or sandbox scan in progress for the application.
- You are not working with the most recent scan results.
- You do not have the Mitigation API role.
- Another user has locked the flaw in the Veracode Platform.