False Positives Bane of IT Security

Internet Storm Center discusses the month of CSAM false positives: “The HUGE problem with this is false positives and false negatives.”

A Fortinet blog post discusses the pressure on IT decision makers.

A Wired story has Gonen Fink, the CEO of LightCyber, writing about how we need better products for reviewing false positives. (A false positive is when an alarm is tripped but the event is actually not harmful, with different levels of potential harm; some false positives use up precious IT security time.) LightCyber works with Check Point (a firewall manufacturer) to detect breaches – I assume to detect false positives better.

Hackers are always at the door with trillions of attacks.

Gonen says Target did not have the staff or technical knowledge to sift through the false positives to fix the malware that was found by its equipment, whereas JPMorgan has the budget (many millions of dollars, with a staff in the hundreds) to find and deal with attacks.

We will get more Yellow threat level days… then what?

I remember viewing many attacks on the networks of clients I worked in, and even this website gets attacked from Russia (tryal.ru) and more.

The solution is to assign resources and use the right technology for your situation.

 
