False Positive - Glossary | CSRC

You are viewing this page in an unauthorized frame window.

This is a potential security issue, you are being redirected to https://csrc.nist.gov.

Official websites use .govA .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPSA lock ( Lock Locked padlock icon ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Search CSRC MENU Search Search

• Projects
• Publications Expand or Collapse

  Drafts for Public Comment

  All Public Drafts

  Final Pubs

  FIPS (standards)

  Special Publications (SPs)

  IR (interagency/internal reports)

  CSWP (cybersecurity white papers)

  ITL Bulletins

  Project Descriptions

  Journal Articles

  Conference Papers

  Books

• Topics Expand or Collapse

  Security & Privacy

  Applications

  Technologies

  Sectors

  Laws & Regulations

  Activities & Products

• News & Updates
• Events
• Glossary
• About CSRC Expand or Collapse

  Computer Security Division

  • Cryptographic Technology
  • Secure Systems and Applications
  • Security Components and Mechanisms
  • Security Engineering and Risk Management
  • Security Testing, Validation, and Measurement

  Applied Cybersecurity Division

  • Cybersecurity and Privacy Applications
  • National Cybersecurity Center of Excellence (NCCoE)
  • National Initiative for Cybersecurity Education (NICE)

  Contact Us

Information Technology Laboratory Computer Security Resource Center

• Projects
• Publications Expand or Collapse
  • Drafts for Public Comment
  • All Public Drafts
  • NIST Special Publications (SPs)
  • FIPS
  • NIST interagency/internal reports (NISTIRs)
  • ITL Bulletins
  • White Papers
  • Journal Articles
  • Conference Papers
  • Books
• Topics Expand or Collapse
  • Security & Privacy
  • Applications
  • Technologies
  • Sectors
  • Laws & Regulations
  • Activities & Products
• News & Updates
• Events
• Glossary
• About CSRC Expand or Collapse Computer Security Division
  • Cryptographic Technology
  • Secure Systems and Applications
  • Security Components and Mechanisms
  • Security Engineering and Risk Management
  • Security Testing, Validation, and Measurement
  Applied Cybersecurity Division
  • Cybersecurity and Privacy Applications
  • National Cybersecurity Center of Excellence (NCCoE)
  • National Initiative for Cybersecurity Education (NICE)
  Contact Us

Search Sort By Relevance (best match) Term (A-Z) Term (Z-A) Items Per Page 100 200 500 All Please fix the following: Search Reset

Glossary

A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

False Positive

Share to Facebook Share to X Share to LinkedIn Share ia Email Definitions:

An alert that incorrectly indicates that a vulnerability is present. Sources: NIST SP 800-115 An instance in which a security tool incorrectly classifies benign content as malicious. Sources: NIST SP 800-83 Rev. 1 Incorrectly classifying benign activity as malicious. Sources: NIST SP 800-86 An erroneous acceptance of the hypothesis that a statistically significant event has been observed. This is also referred to as a type 1 error. When “health-testing” the components of a device, it often refers to a declaration that a component has malfunctioned – based on some statistical test(s) – despite the fact that the component was actually working correctly. Sources: NIST SP 800-90B under False positive An erroneous acceptance of the hypothesis that a statistically significant event has been observed. Sources: NIST SP 800-55v1 under false positive from NIST SP 800-90B

About

See the identified Source document to understand each term-definition pair in its proper context.

Send inquiries about terminology to the Source's authors; NIST publications will usually include a contact email for that Source.

For other inquiries, such as comments about the Glossary's presentation and functionality, use this link.

See the Glossary homepage for more guidance.