Category: Secure Coding Points: 5 Description:
When looking at results from a static analysis scan or from a penetration testing solution, there are always findings that are not real problems. The tool made a mistake or the analysis was incomplete which led to showing an issue which is actually not a problem in reality. How do we call such an issue?
Such an issue is called a false positive.
- none yet