U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Glossary
A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  J  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X  |  Y  |  Z

False Positive

Definition(s):

  An alert that incorrectly indicates that a vulnerability is present.
Source(s):
NIST SP 800-115

  An alert that incorrectly indicates that malicious activity is occurring.
Source(s):
NIST SP 800-61 Rev. 2

  An instance in which a security tool incorrectly classifies benign content as malicious.
Source(s):
NIST SP 800-83 Rev. 1

  Incorrectly classifying benign activity as malicious.
Source(s):
NIST SP 800-86

  An erroneous acceptance of the hypothesis that a statistically significant event has been observed. This is also referred to as a type 1 error. When “health-testing” the components of a device, it often refers to a declaration that a component has malfunctioned – based on some statistical test(s) – despite the fact that the component was actually working correctly.
Source(s):
NIST SP 800-90B under False positive