Approve or Reject Software Composition Analysis Mitigations

Veracode Software Composition Analysis

You can approve or reject mitigations that members of your team propose for component licenses or vulnerabilities.

You have the Mitigation Approver role.
  1. In the application profile, select Mitigations from the left pane.
  2. Click the Mitigated Component Licenses or Mitigated Component Vulnerabilities tab.
  3. From the Proposed tab, select one or more vulnerabilities or licenses on which you want to take action.
  4. From the Action menu, select one of these actions:
    • Accept to accept the proposed mitigation.
    • Reject to reject the proposed mitigation.
    • Comment to enter additional information about the proposed mitigation.
      Note: You must enter a comment when you approve or reject mitigations.

      enter an approval comment
  5. Click Continue.
You can view the mitigation history of a component from the History tab on the Component Profile.

view the SCA history tab

You can also view component mitigation information by severity from the Third-Party Components tab. Hover over findings with an asterisk to view a tooltip with mitigation information.
View the SCA hover details