About Prediction Policies
To use Fortify Audit Assistant to make predictions about your scan results, you must first define at least one prediction policy. A prediction policy is used to establish confidence thresholds for its predictions. The default confidence thresholds are set at 80%, but you can set them between 0 and 100%, in 10 percent increments. An increase in the confidence thresholds increases the confidence in your results and reduces the number of results to just those that meet or exceed the threshold set. Adjusting the thresholds allows you to fine tune the prediction policy to your software environment.
There are two confidence thresholds to set:
-
False Positive
-
Exploitable
A prediction will not be made if the minimum confidence threshold isn't met. Confidence levels beneath the confidence thresholds are indeterminate — Fortify Audit Assistant can not provide an assessment based on the set confidence level.
Note: During Fortify Audit Assistant configuration, the administrator selects a default global prediction policy, which it uses for an application version if no prediction policy is specified for that application version. If a prediction policy is specified for an application version, then Fortify Audit Assistant uses that policy to assess issues.
See Also
Configuring Audit Assistant Options for an Application VersionConfiguring Audit Assistant