False Positive / False Negative
A false positive "reports" there is an issue when there is not a problem.
Example: you run a vulnerability scan and it says that you are missing Apache updates for your web server. When you talk to the website admin he informs you that he has no Apache web servers, only Windows IIS.
A false negative should have caught the problem but missed it completely. An example: you know that your system is missing updates but when you perform the vulnerability it says all the updates are there.
In both cases, you need to tune your system.
Vulnerability scanners, IPSs, & IDSs are all prone to both false positives & false negatives.
No comments:
Post a Comment