ShiftLeftSecurity / sast-scan

Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and their dependencies. CI and Git friendly.
https://discord.gg/DCNxzaeUpd
Apache License 2.0

Whitelist / Exceptions for Terraform Scans #355

Open noelnuguid opened 2 years ago

noelnuguid commented 2 years ago

Hi, is it possible to "accept" certain vulnerabilities in the Terraform scan? Something like whitelisting it.

prabhu commented 2 years ago

@noelnuguid Could you try the baseline file approach by using scanPrimaryLocationHash as described in the docs?

https://slscan.io/en/latest/getting-started/#suppression