Are False Positives Killing Your Cloud Security? Veriti Research Reveals
Security Boulevard, Tuesday, February 25th, 2025
Veriti's latest research identifies key false positive triggers in cloud environments, their underlying causes, and their impact on businesses. By understanding these issues, security teams can refine their defenses and reduce unnecessary alerts without compromising protection.
Two Main Causes of False Positives in Cybersecurity Protections
Brute Force and Protocol-Based False Positives
False positives often stem from normal network behavior being misidentified as malicious activity. Veriti's research highlights two key protocol-based categories that frequently trigger false alerts.
SMB Protocol: A Common Cloud Misclassification
The Server Message Block (SMB) protocol is a standard for sharing files, printers, and serial ports within networks. Many organizations use SMB within their cloud environments for internal backups and data transfers. However, when security solutions are configured to monitor internal-to-internal traffic for potential lateral movement attacks, SMB activity is often mistakenly flagged as an intrusion attempt.