Sometimes, it is necessary that a finding or a vulnerability be removed from Integrates for different reasons. Nevertheless, deleting the information is not a good idea in the security world, and it is always important to keep track of these events.

This is why we don’t delete the findings or the vulnerabilities in Fluid Integrates. Instead, analysts can set any of them to a “Deleted” state.

A justification must be part of the process, and the possible values depend on the entity that the analyst wants to hide. The following options are valid for both findings and vulnerabilities:

• It is a duplicate: The finding or vulnerability had been reported previously.
• It is a false positive: After a review process, it was determined that the finding or vulnerability was not.

There is an option only for findings:

• Finding not required: The report was made for a system that no longer exists or for a finished project.

And there is an option only for vulnerabilities:

• Error when reporting: Given that a vulnerability cannot be edited, this option must be selected if you are going to report another vulnerability that corrects it.