
Create Vulnerability Events

Track vulnerability lifecycle with events. Record assessments, decisions, and actions taken on vulnerabilities to maintain a complete audit trail for compliance and remediation tracking.

Prerequisites

Before you begin, ensure you have:

  • Access to a DevGuard organization, project, and asset
  • Read access to vulnerabilities in your asset
  • Write access to create events (typically Owner or Admin role)
  • Identified which vulnerability you want to document

Event Types

DevGuard supports these vulnerability events:

| Event | Purpose | When to Use |
| --- | --- | --- |
| Accepted | Document a deliberate risk acceptance | You’ve assessed and accepted the risk |
| False Positive | Mark the vulnerability as not applicable | The vulnerability doesn’t affect your code or environment |
| Fixed | Record vulnerability remediation | You’ve fixed the vulnerability in code |
| Reopened | Reopen a closed vulnerability | An accepted/false positive requires re-evaluation |
| Mitigate | Create a ticket for remediation | You’re creating a tracking issue for the team |
| Comment | Add notes without changing status | You need to provide context or updates |

Create an Event

Via Web UI

  1. Navigate to Organization → Project → Repository → Vulnerabilities

  2. Click on a vulnerability to open its details

  3. In the Events section at the bottom, you’ll see the event history

  4. Select an action from the available options:

    • Accept Risk: Mark as intentionally accepted
    • False Positive: Mark as not applicable
    • Create Ticket: Open a mitigate event
    • Reopen: Reopen if previously marked as false positive or accepted
    • Add Comment: Document additional context

  5. Provide the required information:

    • Justification: Explain your decision
    • Mechanical Justification (for false positives): Select the reason

  6. Click Save

The event is recorded immediately with your user ID and timestamp.

Event Timeline

The Events section shows a complete audit trail:

  • Detected: When DevGuard first discovered the vulnerability
  • User Actions: All manual events (accepted, reopened, fixed, etc.) with user ID and timestamp
  • Automatic Updates: Risk score recalculations and system events

This timeline is included in compliance reports (CSAF) and supports regulatory audits.
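The event types and the audit trail described above can be modelled as a small state machine. The following is an added example written for this guide, not DevGuard's own code: the event names, the allowed transitions (for instance, Reopen only from an accepted or false-positive state) and the "mechanical justification required for false positives" rule are assumptions drawn from the tables above, and every entry records the acting user, a timestamp and a justification.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Illustrative names for this example; they are not DevGuard's internal identifiers.
STATUS_AFTER = {          # events that change the vulnerability's status
    "accepted": "accepted",
    "falsePositive": "falsePositive",
    "fixed": "fixed",
    "reopened": "open",
}
ALLOWED_FROM = {          # which current status each event may be recorded in
    "accepted": {"open"},
    "falsePositive": {"open"},
    "fixed": {"open"},
    "mitigate": {"open"},                       # opens a ticket, status unchanged
    "reopened": {"accepted", "falsePositive"},  # only closed-by-decision states
    "comment": {"open", "accepted", "falsePositive", "fixed"},
}


@dataclass
class VulnerabilityTimeline:
    """Audit trail for one vulnerability: every entry carries who, when and why."""
    vuln_id: str
    status: str = "open"
    events: list = field(default_factory=list)

    def __post_init__(self):
        # The first entry is the system's detection event, not a user action.
        self.events.append({"type": "detected", "user": "system",
                            "at": datetime.now(timezone.utc).isoformat(), "justification": ""})

    def record(self, event_type, user_id, justification, mechanical_justification=None):
        """Validate and append one user event, returning the stored entry."""
        if event_type not in ALLOWED_FROM:
            raise ValueError(f"unknown event type {event_type!r}")
        if self.status not in ALLOWED_FROM[event_type]:
            raise ValueError(f"{event_type!r} not allowed while status is {self.status!r}")
        if not justification.strip():
            raise ValueError("every event needs a justification")
        if event_type == "falsePositive" and not mechanical_justification:
            raise ValueError("false positives need a mechanical justification")
        entry = {"type": event_type, "user": user_id,
                 "at": datetime.now(timezone.utc).isoformat(),
                 "justification": justification,
                 "mechanicalJustification": mechanical_justification}
        self.events.append(entry)
        self.status = STATUS_AFTER.get(event_type, self.status)
        return entry
```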

Best Practices

Document Decisions

Every event should explain the decision made:

  • Acceptance: Explain business impact and mitigations
  • False Positive: Specify which reason applies
  • Reopened: Explain what changed
  • Fixed: Mention the patch or update version

Regular Review

  1. Review accepted vulnerabilities monthly
  2. Reopen if circumstances change
  3. Follow up on open tickets
  4. Record a Fixed event only when the vulnerability is actually remediated