High alert with signature
05-20-2025 02:19 PM
Hello,
I'm sending out a message in a bottle — I'm noticing a very high number of false positives on signatures with a high severity level, whether they are Anti-Spyware or Vulnerability Protection signatures. The issue is that the solution doesn't implement a scoring system to determine the relevance of its alerts.
I'm wondering if anyone has already done similar work, and if so, could they share it?
Regards,
08-12-2025 02:01 AM
I’m noticing a very high number of false positives on high-severity signatures, whether they are Anti-Spyware or Vulnerability Protection alerts. The main issue is that the current solution does not implement any scoring system to assess the relevance of its alerts, which leads to alert fatigue and inefficient response. I’m wondering if anyone has already tackled this problem or developed an approach to reduce false positives by adding contextual scoring or prioritization. If so, I would greatly appreciate it if you could share your experience or any resources that might help.