28 Jan 2024, 8 min read

Should False Positives Exist in 2023?

False positives are a useful indication that your tool is detecting problems and vulnerabilities with a high degree of scrutiny; however, the results can be extensive.

Sian-Louise Montgomery
Marketing Consultant

Whether or not false positives should still exist in the pen testing process in 2023 depends on what you want to define as a false positive.

Tools should flag things with a level of scrutiny and caution that exceeds the potential threat, but ideally what that information is used for should dictate whether or not the tools are performing well. More false positives generally mean a better and more rigorous tool.

These tools should pick up on issues and vulnerabilities that are very unlikely to be a real risk to the business, and then feed down into other, more specialist tools that are capable of determining whether or not the vulnerability is legitimate in the context of the environment.

What this teaches us is that if we ask to only see and use tools that are 100% accurate, what we end up with is a tool that misses loads of important information. Equally, if you choose to only use a tool that flags every piece of information as vulnerable, you end up with too much noise and an overload of work for your development teams.

Therefore, the optimal way to test for vulnerabilities in your code is to take a very noisy, wide-ranging tool and use it alongside tools that are capable of greater refinement. This way, you will find yourself in the safest and most structured situation when it comes to testing.
