NormShield vulnerabilities may be in a single status at a single point in time. Here are the names of these statuses and their meanings;
Note: Ticket assignment to users has nothing to do with the vulnerability status.
The vulnerability is still active and may be exploited by the attackers.
The vulnerability has been tackled (patched, system hardened, fixed) and mitigated.
The vulnerability has been tacked, however, it is up-to security decision maker, pentester or automatic scanner to decide whether it is Closed or still Open.
The vulnerability has been acknowledged but no further action will be taken. This status may be read as "the risk that this vulnerability causes is accepted, we won't take any actions to close it".
The vulnerability is not real. There's no need to take any actions.
The mitigation actions against this vulnerability takes some time and authorities (might be 3rd party) started to take actions.
The vulnerability is on hold. No action is being taken, however, the vulnerability will be dealt later on. The difference between In Progress and On Hold is that, In Progress means there's action going on towards mitigation, but On Hold means there's no action going on (we just don't want to see it as Open).
The vulnerability begs for a false-positive analysis. It can't be understood as Open since further manual analysis is required by the security decision makers or pentesters.
NormShield holds two main statuses Open and Closed for dashboard graphics and analytics such as the vulnerability trend graph on the Vulnerability Dashboard. However, since there are more than one vulnerability statuses, NormShield implicitly classify these statuses into two groups;
Open: Open, Recheck, In Progress, On Hold, Pending Analysis
Closed: Closed, Accepted, False Positive