Skip to content

False Negative

Understanding False Negative Security Vulnerabilities: Challenges and Solutions

Minimize False Negatives
Table of Contents

What is a false negative?

Designing test cases that accurately identify defects in software can be challenging. As scanners run and tests are conducted, false negatives happen when problems aren’t picked up even though there are bugs or vulnerabilities in the application being tested. In the case of a false negative, the test passes when a bug or security vulnerability is in fact present or the functionality is not working as it should.

The more times testing tools and strategies give false negatives (as well as false positives), the less reliable and useful the results. Though both of these are a problem, a false negative is more damaging because it lets a problem go undetected, creating a false sense of security. Whereas a false positive may consume a lot of a tester’s energy and time, a false negative allows a bug to remain in the software. For this reason, software development teams need to use testing tools and strategies they can trust to accurately assess and report on the quality of their software.

 

Learn More About Contrast Security

Contrast is the clear customers’ choice

Contrast is named a Customers’ Choice in the 2021 Gartner Peer Insights “Voice of the Customer”: Application Security Testing report. With the highest percentage of 5-star ratings, this is the third consecutive year Contrast has received this powerful endorsement from customers.

gartner-peer-insight-2021

Built for Developers. Trusted by Security.

Infosys
ring-central-logo-1
bmw-logo-rgb
backbase-logo-2
intuit-logo
credit-suisse

Learn Secure Code

Cross Site Scripting (XSS)

CROSS SITE SCRIPTING (XSS)

Learn about Cross site scripting (XSS) and how it affects your Java source code

SQL Injection - Java-1

SQL INJECTION

Learn about SWL injection and how it affects your Java source code

Client Side Injection

CLIENT SIDE INJECTION

Learn about client-side injection and how it can affect your source code