False positives are when security programs believe that they have found a specific issue (such as a vulnerability, or a possible attack) when in fact there is no issue at all. False positives can create a number of issues for security practioners, such as drawing attention away from real problems which may exist elsewhere. However another important drawback of false positives is to make people want to ignore future security warnings (known as ‘normalisation of deviance’), believing that they are likely to be yet more false warnings.

 

Last updated: 4 September 2017