False Positive
dhufstader
Member, Posts: 1
in CISSP
I came across an interesting question in Boson that discusses false positives. A false positive is any instance in which something has been incorrectly identified. Let's say that a business cannot upgrade some software that has known vulnerabilities due to incompatibilities. If the software is upgraded to patch the vulnerability, then other critical business applications will not function correctly. Would this vulnerability now be identified as a false positive because of the business case?
Comments

changlinn
Member, Posts: 42

No, if the vulnerability is detected and it is unpatched, it is a true positive. It would be called a false positive if you had another mitigation, e.g. a HIPS that blocked the attack, or the vulnerable service being disabled or inaccessible outside of the host.
A+, C|EH, CISSP, CISM, CRISC, GSTRT, MCSA:Messaging, MCSE:Security
"Brain does not meet certification requirements, please install more certifications" Me
Currently Studying: Cyber Security masters and ISC2 CCSP.
Security blog; http://security.morganstorey.com