Audit.xml contained inside the FPR has only the data of modified or assigned application vulnerabilities
Fortify Software Security Center
On some scenarios, Audit.xml file appears to be empty. This happens when the user downloads the Application FPR and opens it to check the Audit.xml file.
Audit.xml file would only contain the data that has been modified or assigned on the Application Version Audit section. Basically, it will contain data of vulnerabilities being worked on only.
Support Article Reference Number (URL Name)
CyberRes Community Manager
If you find this post useful, give it a ‘Like’ or use ‘Verify Answer’