The average enterprise spends over 400 hours per year managing false positive alerts from data loss prevention (DLP) or email security tools.

11% of security teams say application security false positives happen constantly.

45% of respondents report consistent false positives from their cloud security tools.

56% of decision-makers at financial institutions named false positives as the leading pain point in fraud operations.

False positives are the #1 blocker to Shift Left, cited by 35% of respondents.

55% of respondents report having to address too many false positives.

Managing the sheer volume of vulnerabilities and false positives were the biggest challenges in securing code, cited by 78% of respondents.

Despite 98% of organisations using vulnerability scanning, only 34% find it highly effective due to false positives.

The top five vulnerability management problems they’re actively trying to solve with AI today were: false positives (49%), overload of data (39%), reliance on manual processes (33%), disparate results from scanning tools (31%), and false negatives (31%)

False positive and negative rates are the No. 1 way that organizations reported that they evaluate the efficacy of AI in security, named by 66% of respondents