False Positive

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

Abbreviation(s) and Synonym(s):

None

Definition(s):

  An alert that incorrectly indicates that a vulnerability is present.
Source(s):
NIST SP 800-115

  An alert that incorrectly indicates that malicious activity is occurring.
Source(s):
NIST SP 800-61 Rev. 2

  An instance in which a security tool incorrectly classifies benign content as malicious.
Source(s):
NIST SP 800-83 Rev. 1

  Incorrectly classifying benign activity as malicious.
Source(s):
NIST SP 800-86

  An erroneous acceptance of the hypothesis that a statistically significant event has been observed. This is also referred to as a type 1 error. When “health-testing” the components of a device, it often refers to a declaration that a component has malfunctioned – based on some statistical test(s) – despite the fact that the component was actually working correctly.
Source(s):
NIST SP 800-90B under False positive

Glossary Comments

Comments about specific definitions should be sent to the authors of the linked Source publication. For NIST publications, an email is usually found within the document.

Comments about the glossary's presentation and functionality should be sent to secglossary@nist.gov.

See NISTIR 7298 Rev. 3 for additional details.

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

Computer Security Resource Center

Computer Security Resource Center

False Positive

Glossary Comments