Understanding “false positives” and how they are used in information security can save companies from falling prey to hackers. Understand why I say this.
In the security area, the professional, the tool or even a security process or control, unlike other areas of technology, is obliged to make multiple decisions during the day.
These decisions make certain users able to access the data to work and, at the same time, keep attackers or fake users away from having the same access.
Therefore, many times these same decision-makers can make mistakes and make wrong decisions, driven even by lack of information or better adjustments in the decision rules.
The objective of the security professional is to find out where these problems can occur and try to solve them with some techniques that I detail throughout the episode of this video.