# The Scanner exclusions tab A **Scanner Exclusion** is a rule that tells Seal to [rename](https://github.com/seal-community/gitbook/blob/main/new-docs/integrations/package-renaming/README.md) a particular package and version in your build so that external scanners stop flagging it as vulnerable. The mechanic is the same as for renaming applied to sealed packages: scanners look up vulnerabilities by package name, and a renamed package has no entries in their databases, so the alert stops. Scanner Exclusions are aimed at false positives that come from scanners other people run on your output: most often your customers' scanners on the artifacts you ship to them. Those alerts can drive significant pressure to "upgrade" packages that are not actually vulnerable (the underlying CVE was retracted, the affected-version range is wrong, the vulnerable code never compiles into the package, and so on). Scanner Exclusions are applied by the Seal CLI when it runs in your CI/CD pipeline, the same way Sealing Rules are. A deployment method that does not run the CLI in CI (Artifact Server, Manual) cannot apply Scanner Exclusions. The feature is hidden until an Admin enables it from Settings. Once enabled, the Scanner exclusions tab and the related actions appear across the platform. The full concept-and-how-to home for Scanner Exclusions is in [Scanner Exclusions](https://github.com/seal-community/gitbook/blob/main/new-docs/using-the-platform/scanner-exclusions/README.md). This page is just the field reference for the list view. ## Columns | Column | Contents | | ------------------- | ------------------------------------------------------------------------------------------------------------------------------ | | *(scope indicator)* | An icon that marks the exclusion as **tenant-wide** (applies to every Seal Project). Project-specific exclusions show no icon. | | **Package** | The package the exclusion targets. | | **Ecosystem** | The package's ecosystem. | | **Version** | The version the exclusion applies to. | | **Project** | The Seal Project the exclusion applies to, or "All projects" for tenant-wide exclusions. | | **User** | The user who created the exclusion. | | **Last updated** | When the exclusion was last modified. | The default sort is by **creation time, descending**. ## Filters * **Search**: free-text search across package names. * **Project**: show only exclusions for a single Seal Project, or exclusions that apply to all projects. ## Per-row actions | Action | Roles | | --------------- | ------------- | | **Edit rule** | Admin, Sealer | | **Delete rule** | Admin, Sealer | ## Related * [Scanner Exclusions](https://github.com/seal-community/gitbook/blob/main/new-docs/using-the-platform/scanner-exclusions/README.md): the canonical home for the concept, the create flow, and the comparison with [package renaming](https://github.com/seal-community/gitbook/blob/main/new-docs/integrations/package-renaming/README.md). --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.sealsecurity.io/new-documentation/new-docs/protection-page/scanner-exclusions-tab.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.