Businesses Are Experiencing False Positive Security Alerts

Share post:

75% of businesses have spent as much if not more time chasing false positives than they did dealing with actual security threats according to Fastly and Enterprise Strategy Group report.

The report illustrates the current state of security software as a “patchwork of incompatible tools” added when new cloud providers are brought on board to modernize the app architecture.

Cloud and API-based applications make security considerably more complicated than in the era of on-premise computing, as the average of 11 web apps and API security tools shows, costing the typical company nearly $3 million a year.

These tools, the report says, are ineffective and impede growth largely because a safety warning is almost 50% likely to be wrong.

Regardless of the reason for the acquisition, these tools have not worked for many companies, resulting in them either running in log-and-monitor mode (in 53% of cases), being completely disabled (12%) or both (26%).

That makes 91% of businesses disabling or reducing the capabilities of their security software in response to too many false positives.

There are many different ways to get rid of false positives, although the report makes a very persuasive suggestion: buy and install a single, consistent solution designed to meet modern cloud and API security requirements. Only 1% of respondents have done so, though 93% say they plan to do so or are interested in doing so themselves.

For more information, read the original story in TechRepublic.

Featured Tech Jobs


Related articles

Abuse of valid accounts by threat actors hits a high, says IBM

Attackers are finding that obtaining valid credentials is an easier route to achieving their goals, s

Cyber Security Today, Feb. 21, 2024 – A patch warning from ConnectWise, the latest ransomware news, and more

This episode reports on a report comparing business email compromise attacks against ransomware

UK leads takedown of LockBit ransomware gang’s website

The LockBit ransomware gang’s website has been seized, several news agencies reported late Monday. The Reuters news agency and The Register are carrying stories based on a new splash screen that has appeared on the gang’s website. It says, “This site is now under the control of the National Crime Agency of the UK, working

Cyber Security Today, Feb. 19, 2024 – Fake police data breach notification fools Maine’s AG site

This episode reports a recent fake data breach report and two real ones, a man pleads guilty to being involved in malware distribution

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways