Secbez Docs

Suppressing Findings

How to manage noise by suppressing known or accepted findings in Secbez.

Not every finding needs immediate action. Secbez provides multiple ways to suppress findings you've reviewed and decided to accept or defer.

Server-side suppression

From the dashboard, you can suppress findings by:

  1. Clicking on a finding
  2. Selecting Suppress
  3. Choosing a reason (false positive, accepted risk, won't fix)

Server-side suppressions persist across scans and don't require code changes.

Baseline tracking

Secbez tracks a baseline of known findings for each repository. When a scan runs:

  • New findings (not in the baseline) are highlighted and may trigger policy failures
  • Baseline findings (already known) are still tracked but don't trigger new alerts

This means your pull request scans only flag new vulnerabilities introduced by the change, not pre-existing issues in the codebase.
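The baseline comparison described above, sketched as an added example; this is not Secbez code and does not reflect how Secbez is implemented. The fingerprint scheme, the policy rule that any new finding fails the check, the precedence of suppression over baseline, and all rule ids and paths are assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    rule_id: str
    path: str
    line: int
    snippet: str  # source text the rule matched


def fingerprint(f: Finding) -> str:
    # Assumed scheme: the line number is left out and whitespace is collapsed,
    # so a finding that merely moves within a file keeps its identity.
    normalized = " ".join(f.snippet.split())
    data = "\0".join((f.rule_id, f.path, normalized)).encode()
    return hashlib.sha256(data).hexdigest()


def classify(scan, baseline, suppressed):
    """Split scan results into new, baseline and suppressed findings."""
    result = {"new": [], "baseline": [], "suppressed": []}
    for f in scan:
        fp = fingerprint(f)
        if fp in suppressed:
            result["suppressed"].append(f)
        elif fp in baseline:
            result["baseline"].append(f)
        else:
            result["new"].append(f)
    return result


def policy_passes(result) -> bool:
    # Assumed policy: any new finding fails the pull request check.
    return not result["new"]


# Constructed sample data (hypothetical rule ids and paths).
OLD_SQLI = Finding("sql-injection", "app/db.py", 40, "cur.execute('SELECT ' + q)")
OLD_MD5 = Finding("weak-hash", "app/auth.py", 12, "hashlib.md5(pw)")
BASELINE = {fingerprint(OLD_SQLI), fingerprint(OLD_MD5)}
SUPPRESSED = {fingerprint(OLD_MD5)}  # e.g. reviewed and marked accepted risk

PR_SCAN = [
    Finding("sql-injection", "app/db.py", 47, "cur.execute('SELECT '  +  q)"),  # moved
    OLD_MD5,
    Finding("hardcoded-secret", "app/config.py", 3, "API_KEY = 'example'"),
]
RESULT = classify(PR_SCAN, BASELINE, SUPPRESSED)
```

Keying the fingerprint on line numbers instead would make every baseline finding look new whenever unrelated code above it is added or removed, which defeats the purpose of the baseline.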

Re-opening suppressed findings

If a suppressed finding is later considered important, you can re-open it from the dashboard. The finding will return to open status and be included in future policy evaluations.
