False negatives are much more dangerous than false positives because they create a false sense of security. Here's why they occur:
Evasive attacks: Sophisticated attackers can use techniques to bypass security measures. These might include zero-day attacks (exploiting unknown vulnerabilities) or file-less attacks that don't rely on traditional malware signatures.
Security limitations: No security system is perfect. There will always be some level of risk that existing tools can't catch. This might be due to limitations in the technology itself or because attackers are constantly developing new methods.
Incomplete security architecture: If a SOC's security posture relies solely on a negative security model (only allowing known good activity), it's more susceptible to false negatives. This approach gives attackers more opportunities to exploit gaps if their tactics avoid established threat patterns.
upvoted 1 times
pkumar_general
6 months, 1 week ago