False positive vs. Noise
| False positive | Noise | |
|---|---|---|
| What it is | A CVE-based finding that is incorrect for this specific target | An informational finding with no CVE (service detections, config observations) |
| Who applies it | You, manually | Topscan, automatically |
| Effect | Removed from Current, not counted in score | Never counted in score |
How to mark an issue as False positive
- Open the issue detail panel.
- Click False positive at the bottom of the panel.
- The issue is removed from the Current tab.
False positive issues do not affect your Security Score and are excluded from SLA tracking.
When an issue reappears
If a scan detects the same vulnerability again on the same target after you've marked it as a false positive, Topscan will resurface it in Current. This is intentional — if something changes on the target and the vulnerability becomes real, you should know.
Review the issue again and mark it as false positive again if the detection is still incorrect.