1. Support Center
  2. Documentation
  3. Enterprise Edition
  4. Reference
  5. Settings
  6. False positives

False positives settings

The false positives settings can be accessed via the burger menu. They let you configure how Burp Suite Enterprise Edition handles issues that are flagged as false positives.

If you flag an issue as being a false positive, this will by default be remembered in future scans of the same site, and if the same issue is reported again it will automatically be flagged as a false positive. You can change this behavior using the "Remember false positives for future scans" option.

You can configure how Burp Suite Enterprise Edition matches newly reported issues against past issues that were flagged as false positives. By default, these are matched on the issue type and URL. You can optionally change this so that issues are matched based solely on the issue type. You should use this option with caution. For example, if you enable it, and you flag a SQL injection issue as being a false positive, then all future SQL injection issues reported for the site will automatically be flagged as false positives, even if they arise at different URLs.