Security Testing Terminologies
As part of the "Learn Something New Every Day" challenge, I decided to read an article a day and write short notes on Lessons Learned.
Last month, I encountered a new term in security testing: False Positive.
In short, I understood that it is not an issue to fix, but I wanted to learn more in detail.
Below are the references which I have used to learn about Security Terminologies:
https://www.contrastsecurity.com/security-influencers/the-true-cost-of-false-positive-vulnerabilities-in-application-security
https://www.owasp.org/index.php/Benchmark
https://community.softwaregrp.com/t5/ArcSight-User-Discussions/what-is-false-positive-false-negetive-true-positive-and-true/td-p/1582039
After going through these links, it was easy for me to correlate and understand.
What I have learned:
Below is the representation of Security Testing Terminologies.
1. False Positives
2. False Negatives
3. True Positives
4. True Negatives
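As an added example (not from the original post or its references), the script below assigns the four terms by comparing what a scanner flagged against test cases whose real status is known, then derives the true positive and false positive rates. The case ids, the ground truth and the scanner output are all constructed for illustration.

```python
from collections import Counter

# Constructed ground truth: test case id -> True if the case really is vulnerable.
GROUND_TRUTH = {
    "case-001": True, "case-002": True, "case-003": False,
    "case-004": False, "case-005": True, "case-006": False,
}
# Constructed scanner output: ids of the test cases the tool flagged.
SCANNER_FLAGGED = {"case-001", "case-003", "case-005"}


def classify(truth, flagged):
    """Label every test case as TP, FP, FN or TN."""
    unknown = set(flagged) - set(truth)
    if unknown:
        raise ValueError(f"findings without ground truth: {sorted(unknown)}")
    labels = {}
    for case, vulnerable in truth.items():
        reported = case in flagged
        if reported and vulnerable:
            labels[case] = "TP"   # real issue, reported
        elif reported and not vulnerable:
            labels[case] = "FP"   # reported, but nothing to fix
        elif vulnerable:
            labels[case] = "FN"   # real issue the tool missed
        else:
            labels[case] = "TN"   # safe case, correctly not reported
    return labels


def rates(labels):
    """Return (true positive rate, false positive rate) for the labels."""
    c = Counter(labels.values())
    vulnerable = c["TP"] + c["FN"]
    safe = c["FP"] + c["TN"]
    tpr = c["TP"] / vulnerable if vulnerable else 0.0
    fpr = c["FP"] / safe if safe else 0.0
    return tpr, fpr


if __name__ == "__main__":
    labels = classify(GROUND_TRUTH, SCANNER_FLAGGED)
    for case, label in sorted(labels.items()):
        print(case, label)
    print("TPR=%.2f FPR=%.2f" % rates(labels))
```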