Reporting False Positives
A false positive exists when Web Inspector PCI incorrectly detects a Security Hole (a vulnerability with a CVSS base score greater than 4.0), or when compensating controls exist elsewhere in the network's security infrastructure to offset or nullify the vulnerability.
Administrators can submit suspected false positives to Comodo from within the security advisory itself (see below).
If you think this is a legitimate false positive, click the 'Report as False Positive' link or the 'here' link shown above. This will open the false positive reporting dialog (shown below).
- Next, check the box 'You confirm that this security item is a false positive and has been fully patched/fixed on your server'.
- Important - administrators must include information in the text box detailing the patch or compensating control that they have deployed. If this space is left blank, the request will be automatically rejected.
- Click 'Save' to submit the report to the Web Inspector PCI technicians for analysis and verification. The advisory will contain the following message to indicate that your submission is under review:
Our support team will review the information provided to ensure it is satisfactory.
The administrator can check the status of the submitted false positive at any time. Click here for more details.
If confirmed as a false positive by our technicians - this security hole will no longer count against your IP address/Domain. Genuine false positives are automatically removed from the list of security holes from which your PCI report is derived.
Your Host Compliancy Status will be automatically updated in your Executive Report. You do not need to run another scan.
For example - If this false positive represented the only security hole on your host, then your PCI report will change from 'Not Compliant' to 'Compliant' and you can immediately download it.