I integrated ZAP scans (by proxying e2e tests) in our CI pipelines. I'm checking alert filter plugin to flag false positives. Due to organisational requirements we are supposed to generate two zap html reports
- Report without suppressing false positives
- Report after suppressing false positives
When I use http://zap/JSON/alertFilter/action/addAlertFilter/...
api to mark false positives before active or passive scans, alerts marked as false positives are not reported in HTML (This is expected). After generating report by suppressing false positives, I removed the false positive alert filter using http://zap/JSON/alertFilter/action/removeAlertFilter/...
and tried generating report to get all alerts, but Im not getting report with all alerts.
Using ZAP in UI mode I learnt, creating alert filter after alters are generated doesnt change generated alert confidence. We need to apply the alert filter by clicking the button "Apply" in create alter filter dialog. This will change the confidence of alert already generated and now report contains the alerts.
Now I'm unable to find out how to do this via zap api! api for alert filter has create, view and remove alter filter but no apply. how to "apply" the alert filter from zap api? Thank you.