When you comment on a flaw, other team members can review the comment to share your opinions and offer possible remediation methods, work assignments, and other shared ideas. User comments are not exported on the scan reports. Therefore, you can consider the comments as a private type of working area while you and your team remediate flaws.
To complete this task:
- In the Triage Flaws page, select the empty box in the Id column to check out the flaw. The green lock icon appears in the column.
- Select the arrow next to the checkbox to expand the details for the flaw.
- In the Action field, select Comment from the dropdown menu.
- Enter your comment in as much detail as possible, and select Save. Saving your action also checks the flaw back in.
A user with the Mitigation Approver role who has access to your application can also check back in a flaw that you have checked out.