We have created a custom app id for internal only traffic that is currently generating false positives in our vulnerability scanning. We ideally would like to stop this particular app-id from being scanned for vulnerabilites or at least a specific vulnerability. Unfortunately I've found no way to create an exception based on ID. Application Override would suit us but from the documentation, I gather the signature of the app isn't processed and only the criterea specified in the override. We often seem to look at creating exceptions but the options for this at least appear to me to be too non-specific. Can someone provide some insight?
... View more