False Positive
Balancing Sensitivity and Specificity: Managing False Positive Security Vulnerabilities
Learn How to Minimize False PositivesTable of Contents
What is false positive?
False positives occur when a scanning tool, web application firewall (WAF), or intrusion prevention system (IPS) incorrectly flag a security vulnerability during software testing. False positives describe the situation where a test case fails, but in actuality there is no bug and functionality is working correctly. Because false positives need to be checked out and this can be a time-consuming process, they typically eat up valuable IT bandwidth that should be applied to more important tasks.
High rates of false positives are efficiency disrupters, having a drag effect on IT software development and testing teams. While a false positive is improperly indicating the presence of a problem when in reality one does not exist (the software is functioning as intended), the false negative is the opposite, giving you a false senses of security by indicating you don’t have a vulnerability when in fact you do.
Contrast is the clear customers’ choice
Contrast is named a Customers’ Choice in the 2021 Gartner Peer Insights “Voice of the Customer”: Application Security Testing report. With the highest percentage of 5-star ratings, this is the third consecutive year Contrast has received this powerful endorsement from customers.
![gartner-peer-insight-2021](https://www.contrastsecurity.com/hs-fs/hubfs/gartner-peer-insight-2021.png?width=820&height=600&name=gartner-peer-insight-2021.png)
Built for Developers. Trusted by Security.
![Infosys](https://www.contrastsecurity.com/hs-fs/hubfs/Infosys.png?width=196&height=79&name=Infosys.png)
![ring-central-logo-1](https://www.contrastsecurity.com/hs-fs/hubfs/ring-central-logo-1.png?width=196&height=31&name=ring-central-logo-1.png)
![bmw-logo-rgb](https://www.contrastsecurity.com/hs-fs/hubfs/bmw-logo-rgb.png?width=196&height=196&name=bmw-logo-rgb.png)
![backbase-logo-2](https://www.contrastsecurity.com/hs-fs/hubfs/backbase-logo-2.png?width=196&height=17&name=backbase-logo-2.png)
![intuit-logo](https://www.contrastsecurity.com/hs-fs/hubfs/intuit-logo.png?width=196&height=56&name=intuit-logo.png)
Learn Secure Code
![Cross Site Scripting (XSS)](https://www.contrastsecurity.com/hs-fs/hubfs/Cross%20Site%20Scripting%20(XSS).png?width=1114&height=586&name=Cross%20Site%20Scripting%20(XSS).png)
CROSS SITE SCRIPTING (XSS)
Learn about Cross site scripting (XSS) and how it affects your Java source code
![Client Side Injection](https://www.contrastsecurity.com/hs-fs/hubfs/Client%20Side%20Injection.png?width=1114&height=586&name=Client%20Side%20Injection.png)
CLIENT SIDE INJECTION
Learn about client-side injection and how it can affect your source code