Finding Statuses
Every finding in Mayo ASPM has a status that tracks its position in the remediation lifecycle. There are 7 statuses.
Status reference
Open
| Attribute | Value |
|---|---|
| Color | White / neutral |
| Set by | System (on finding creation) |
| Meaning | Newly detected, no action taken yet |
A finding enters the Open state when it is first detected by a scanner. It has not been evaluated by any triage policy or manual review.
Triaged
| Attribute | Value |
|---|---|
| Color | Blue |
| Set by | System (after policy evaluation) |
| Meaning | Triage policy has been evaluated; decision is pending human review (deferred) |
A finding moves to Triaged when a triage policy evaluates it but produces a defer decision, or when the finding enters the triage queue for manual review.
Confirmed
| Attribute | Value |
|---|---|
| Color | Orange |
| Set by | Policy (accept) or manual action |
| Meaning | The finding is a real, actionable security issue |
A finding is Confirmed when:
- A triage policy accepts it (`decision := "accept"`)
- A user manually marks it as accepted
- It is eligible for ticket generation
Suppressed
| Attribute | Value |
|---|---|
| Color | Gray |
| Set by | Policy (reject) or manual action |
| Meaning | The finding is noise, a false positive, or not applicable |
A finding is Suppressed when:
- A triage policy rejects it (`decision := "reject"`)
- A user manually suppresses it with a reason
Suppressed findings are hidden from default dashboard views but can always be filtered and reviewed.
In Progress
| Attribute | Value |
|---|---|
| Color | Yellow |
| Set by | Jira sync or manual action |
| Meaning | A developer is actively working on remediation |
A finding moves to In Progress when:
- The linked Jira ticket moves to an in-progress status
- A user manually marks it as in progress
Resolved
| Attribute | Value |
|---|---|
| Color | Green |
| Set by | Scan verification, Jira sync, or manual action |
| Meaning | The finding has been fixed |
A finding is Resolved when:
- A subsequent scan no longer detects the finding
- The linked Jira ticket is closed
- A user manually resolves it
Automatic verification
The strongest form of resolution is scan-verified — the finding disappears from subsequent scans, confirming the fix.
Reopened
| Attribute | Value |
|---|---|
| Color | Red |
| Set by | System (on re-detection) |
| Meaning | A previously resolved finding has reappeared |
A finding is Reopened when:
- It was previously Resolved but a new scan detects it again
- The vulnerability was reintroduced (e.g., dependency downgraded)
Status transitions
```
                     ┌─────────────────────────────────┐
                     │                                 │
                     ▼                                 │
Open ──▶ Triaged ──▶ Confirmed ──▶ In Progress ──▶ Resolved
            │                                          │
            └──▶ Suppressed                            │
                     │                                 │
                     └── (unsuppress) ──▶ Open         │
                                                       │
                                         Reopened ◀────┘
                                             │
                                             └──▶ Confirmed
```
Valid transitions
| From | To | Trigger |
|---|---|---|
| Open | Triaged | Policy evaluation or manual triage |
| Triaged | Confirmed | Policy accept or manual accept |
| Triaged | Suppressed | Policy reject or manual suppress |
| Confirmed | In Progress | Jira sync or manual |
| Confirmed | Resolved | Scan verification or manual |
| In Progress | Resolved | Jira closed or manual |
| Resolved | Reopened | Re-detected in a new scan |
| Reopened | Confirmed | Manual or automatic |
| Suppressed | Open | Unsuppress action |
Filtering by status
In the UI
Use the Status filter on any findings view:
- Default view shows: Open, Triaged, Confirmed, In Progress, Reopened
- Suppressed and Resolved are hidden by default (toggle to show)
In the API
```bash
curl "https://mayoaspm.com/api/findings?status=open,confirmed,reopened" \
  -H "Authorization: Bearer mayo_ak_..."
```
Status counts on dashboards
Project dashboards show finding counts grouped by status:
| Status | Included in "Open" count | Visible by default |
|---|---|---|
| Open | Yes | Yes |
| Triaged | Yes | Yes |
| Confirmed | Yes | Yes |
| In Progress | Yes | Yes |
| Reopened | Yes | Yes |
| Suppressed | No | No |
| Resolved | No | No |
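The following is an added example, not Mayo ASPM code: it replays a constructed status history against the Valid transitions table and applies the "Open" count rule from the table above, flagging any step the table does not allow. Only `open`, `confirmed` and `reopened` appear as API values on this page; the other lowercase status strings, the event shape and the finding ids are assumptions.

```python
from collections import Counter

# Pairs copied from the "Valid transitions" table on this page.
# Status strings other than open/confirmed/reopened are assumed spellings.
VALID_TRANSITIONS = {
    ("open", "triaged"), ("triaged", "confirmed"), ("triaged", "suppressed"),
    ("confirmed", "in_progress"), ("confirmed", "resolved"),
    ("in_progress", "resolved"), ("resolved", "reopened"),
    ("reopened", "confirmed"), ("suppressed", "open"),
}
# Statuses the dashboard table includes in the "Open" count.
COUNTED_AS_OPEN = {"open", "triaged", "confirmed", "in_progress", "reopened"}

def audit_history(events):
    """Replay (finding_id, new_status) events in order; return (current, violations).

    A violation is (finding_id, old, new); old is None if the first status is not "open".
    """
    current, violations = {}, []
    for finding_id, new_status in events:
        old = current.get(finding_id)
        if old is None:
            if new_status != "open":
                violations.append((finding_id, None, new_status))
        elif (old, new_status) not in VALID_TRANSITIONS:
            violations.append((finding_id, old, new_status))
        # Continue from the recorded status so later steps are judged against it.
        current[finding_id] = new_status
    return current, violations

def dashboard_counts(current):
    """Return (per-status Counter, total included in the "Open" count)."""
    per_status = Counter(current.values())
    return per_status, sum(n for s, n in per_status.items() if s in COUNTED_AS_OPEN)

# Constructed sample history; the finding ids are hypothetical.
SAMPLE_EVENTS = [
    ("F-1", "open"), ("F-1", "triaged"), ("F-1", "confirmed"),
    ("F-1", "in_progress"), ("F-1", "resolved"), ("F-1", "reopened"),
    ("F-2", "open"), ("F-2", "suppressed"),        # skips triage
    ("F-3", "open"), ("F-3", "triaged"), ("F-3", "suppressed"),
    ("F-4", "open"), ("F-4", "triaged"), ("F-4", "confirmed"),
    ("F-4", "resolved"), ("F-4", "in_progress"),   # skips Reopened
]

if __name__ == "__main__":
    current, violations = audit_history(SAMPLE_EVENTS)
    for finding_id, old, new in violations:
        print(f"{finding_id}: {old} -> {new} is not in the transition table")
    print("Open count:", dashboard_counts(current)[1])
```

A suppression or resolution that shows up as a violation here was reached by a path the table does not list, which is the case worth reviewing by hand.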
When to use each status
| Scenario | Status | How |
|---|---|---|
| Just detected, no review yet | Open | Automatic |
| Policy says it's noise | Suppressed | Triage policy → reject |
| Policy says it's real | Confirmed | Triage policy → accept |
| Developer is fixing it | In Progress | Jira ticket moved to "In Progress" |
| Fixed and verified | Resolved | Next scan doesn't detect it |
| Regression — issue returned | Reopened | Re-detected after resolution |
Next steps
- Severity levels — severity classification
- Triage policies — automate status transitions
- Ticket generation — create tickets from Confirmed findings