Status Descriptions

You can change a finding’s status to one of the following states based on your organization’s context:

Open

The finding has not yet been addressed.

This is the default status for all findings.

False Positive

The finding was flagged as an issue, but you do not consider it one in your environment.

Example: If you get the Warden finding “AWS S3 Bucket Public Read Permissions Should Be Reviewed” on a non-sensitive bucket that you need to be open to the Internet, then you may want to mark the finding as a false positive.

Risk Accepted

The finding is a genuine issue, but you have decided not to fix it for now and accept the associated risk.

Example: If you get a Code Scanner finding that requires extensive refactoring or introduces breaking changes to the current code base to fix, you can mark the finding as Risk Accepted until you can start remediation.

Remediated

The finding has been fixed and addressed. Once a finding is marked as Remediated, it should not appear in future scans.

Example: If you get a Web Scanner finding and you already applied the patch for the vulnerability, you can mark the finding as Remediated.