Fork me on GitHub

Test and Verification -> Consolidation: Simple false positive treatment

Risk and Opportunity

Risk: As false positive occur during each test, all vulnerabilities might be ignored.
Opportunity: False positives are suppressed so they will not show up on the next tests again. Most security tools have the possibility to suppress false positives. A Vulnerability Management System might be used.

Additional Information

Implementation hints

Usefulness and Requirements of this Activity

Usefullness: High
Required knowledge: Very Low (one discipline)
Required time: Very Low
Required resources (systems): Very Low


ISO27001 2017