Handling false positives

As with any automated scanning tool, Burp Suite Enterprise Edition might occasionally highlight issues that, on closer inspection, turn out to be false positives. This could be because you decide after manual testing that the issue is not really present, or it could be that you are aware of the issue but want to keep this behavior despite the potential vulnerabilities that are associated with it.

You can mark an issue as a false positive either by clicking the "Mark as false positive" button on the issue details page, or by hovering over the issue in the list of scan results and clicking the "FP" icon that appears.

Issues marked as false positives will be labeled as such in the list of issues and "grayed out". They will also be removed from the statistics and charts displayed in the dashboards.

When you mark an issue as a false positive, you will be prompted to decide whether you want to mark similar issues as false positives too. You can choose from the following options:


The option you select here only applies to issues that have already been found by scans. Issues found by future scans will be unaffected by these changes. Instead, they will be marked as false positives based on the global setting defined by the administrator user.