v2
  • LFX Toolkit
  • Release Notes
  • EasyCLA
    • Releases and Known Issues
    • Getting Started
      • Prerequisites
      • EasyCLA Troubleshooting
        • EasyCLA is Disabled
      • EasyCLA FAQs
      • EasyCLA Development Components
    • Project Managers
      • Set up project on EasyCLA
      • Sign in to Project Control Center
      • Create New CLA Group
      • Update Templates
      • Add or Remove a Project from CLA Group
      • View and Manage CLA Group Details
      • Add and Manage GitHub Organizations
      • Add and Manage Gerrit Organizations
      • Add and Manage GitLab Groups
      • View Connection Status of Git Organizations and Repositories
      • Enforce or Remove CLA Mechanism
      • Invalidate a Contributor's Signature
      • Uninstall the EasyCLA Application
    • Contributors
      • Individual Contributor
      • Corporate Contributor
    • Corporate CLA Managers
      • Sign In to the EasyCLA Corporate Console
      • Coordinate Signing CCLA and become initial CLA Manager
      • Add or Delete CLA Managers
      • Approve and Manage Contributors
    • CCLA Signatories
      • Review and Sign a Corporate CLA by Request
    • Glossary
  • Corporate CLA Console
    • Dashboard
    • Projects
      • Sign CLA for a Project
      • Add or Delete a CLA Manager
      • Add and Manage a Contributor
    • Manage Organization
    • Manage your Profile
  • Security Service
    • GitHub Onboarding
    • Manage Vulnerabilities
    • Manage False Positives
      • Regular Expressions Cheat Sheet
    • Manage Non Inclusive Naming
  • Project Control Center (PCC) - Pre Release
    • Overview
    • Adding a Main Project
    • Setup Services for a Project
    • IT Services for a Project
    • EasyCLA Service
    • PCC Dashboard
    • Security Service
    • Cloud Providers
    • Enabling Email Forwarding
    • Setting up a Domain for a Project
    • Source Control
    • Issue Tracking for a Project
    • Mailing List
    • Setting up Wiki
    • Meetings
  • Organization Dashboard - Pre Release
    • Overview
    • Global Statistics
    • Projects
    • My Organization
    • Organization Profile
    • Managing Teams
    • Global Events
    • Global Training and Certifications
    • Resources
    • Membership Details of a Project
    • Benefits
    • Committees
    • Project Contributors
    • Meetings
    • Project Contributions
    • Member Promotions
    • Dashboard
    • Membership Summary
    • Training and Certifications
    • Events Insights
    • Global Attendee Insights
Powered by GitBook
On this page
  1. Security Service

Manage False Positives

PreviousManage VulnerabilitiesNextRegular Expressions Cheat Sheet

Last updated 3 years ago

Manage false positives allows you to define few parameters and assign values to them which can be used to signal false positive at the time of scanning for code secrets. When you define a parameter as a false positive, you can easily detect these

Adding a False Positive Pattern

PCC Security tool allows you to add a false positive parameter which allows the

To add a false positive pattern, perform the following steps:

1.Login into .

2. Search for the required project. The Project dashboard appears. Click Security from the TOOLS STATUS tab.

You can also navigate to Security from the Vertical Sidebar navigation menu. Click Tools and then select Security.

Security

3.The Security page appears. From the Manage False Positive tab, click Proceed.

4.The Manage False Positive page appears with the list of defined false positive parameters. Click Add False Positive Pattern to add a new false positive parameter.

5.The Add False Positive Pattern dialog box appears. There are three parameters that are available for you to select and define. After defining the parameter, click Add to add the parameter as false positive. The three parameters are:

  • Path - Define the path for which you want to flag

  • Secret Type - You can select the required secret type from the drop-down list. Some of the secret types are password assignment, JWT toke, AWS key and many other secret types are available for your to select.

  • Secret Value - You should use a regular expression in order to define a value for Secret Value.

You can delete the existing false positive parameter by click of delete icon.

You can update the existing false positive parameter by click of edit icon.

A regular expression (regex or regexp) is a sequence of characters that specifies a search pattern. Usually such patterns are used by string-searching algorithms for "find" or "find and replace" operations on strings, or for input validation. For more information, refer .

Regular Expressions
PCC
Manage False Positive
Add False Positive
Add False Positive Parameter