Skip to main content

Approve or reject SCA mitigations

You can approve or reject mitigations that members of your team propose for component licenses or vulnerabilities.

Before you begin:

You must have the Mitigation Approver role.

To complete this task:

  1. In the application profile, select Mitigations from the left pane.

  2. Click the Mitigated Component Licenses or Mitigated Component Vulnerabilities tab.

  3. From the Proposed tab, select one or more vulnerabilities or licenses on which you want to take action.

  4. From the Action menu, select one of these actions:

    • Accept to accept the proposed mitigation.

    • Reject to reject the proposed mitigation.

    • Comment to enter additional information about the proposed mitigation.


      You must enter a comment when you approve or reject mitigations.

  5. Click Continue.

Next steps:

You can view the mitigation history of a component from the History tab on the Component Profile.

You can also view component mitigation information by severity from the Third-Party Components tab. Hover over findings with an asterisk to view a tooltip with mitigation information.