Can some one guide me on how to effectively use Bundles (created in AppScan Source for Analysis) in AppScan Source for Developer plugin.
- we scanned a C/C++ code in Visual Studio plugin (AppScan Src. Dev.). We identified a lot of issues as False Positives. I want to get rid of these FP findings.
- we opened the assessment in AppScan Source for Analysis, created Bundle called 'False Positive' and that removed the results from the 'Findings', in Source for Analysis. This works in Source for Analysis.
- now when we opened the same Bundle in Visual Studio and re-scan the latest version of our code. Unfortunately the findings (False Positives as in the Bundles) were not removed. Note, that in our latest source codes some lines numbers of those vulnerabilities (False Positives) have changed. Can this be the reason why the Bundle was ignored?
Appreciate any feedback on this topic.