SQ30101
Detected possible false positive detections by third-party scanners.
| priority | CI/CD status | severity | effort | RL level | RL assessment |
|---|---|---|---|---|---|
| None | pass | low | medium | None | malware: warning. Reason: antivirus false positives detected |
About the issue
False positive detections may cause users to hesitate to deploy a software package. One or more third-party software security solutions have flagged parts of the package as malicious. These are individual malicious code detection reports, and there is no industry-wide consensus that confirms their suspicions. This can happen when a third-party scanner runs advanced detection heuristics that carry a higher false positive rate. However, there is a small chance that the detection is a true positive and an early indication of a software supply chain attack.
How to resolve the issue
- Investigate reported detections.
- If the flagged behavior is not something the software is intended to do, investigate your build and release environment for a software supply chain compromise.
- You should delay the software release until the investigation is completed.
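The three steps above, expressed as a CI/CD release gate in Python. This is an added example, not ReversingLabs' code or its report format: the `Detection` and `Investigation` schemas, the engine names, file paths, ticket ids and the `CONSENSUS_THRESHOLD` value are all constructed for the example. The gate groups third-party engine verdicts per file, labels low-agreement hits as possible false positives (while still requiring review), and holds the release until every flagged file has a completed investigation, blocking outright if a review concluded the environment was compromised.

```python
from collections import defaultdict
from dataclasses import dataclass

# Fraction of engines that must agree before a detection is treated as consensus
# rather than a possible false positive. Constructed value for this example.
CONSENSUS_THRESHOLD = 0.25


@dataclass(frozen=True)
class Detection:
    """One engine's verdict on one file in the package (constructed schema)."""
    path: str            # file inside the package
    scanner: str         # third-party engine that raised the detection
    label: str           # the engine's own malware label
    engines_total: int   # engines that examined the file, flagging or not


@dataclass(frozen=True)
class Investigation:
    """Record that a human reviewed a flagged file (constructed schema)."""
    path: str
    ticket: str          # tracking id of the investigation
    outcome: str         # "benign" or "compromise"


def summarize(detections):
    """Group detections per file and measure how many engines agree on it."""
    by_path = defaultdict(list)
    for d in detections:
        by_path[d.path].append(d)
    summary = {}
    for path, hits in by_path.items():
        flagged = {h.scanner for h in hits}
        total = max(h.engines_total for h in hits)
        ratio = len(flagged) / total
        summary[path] = {
            "scanners": sorted(flagged),
            "ratio": ratio,
            "assessment": ("consensus" if ratio >= CONSENSUS_THRESHOLD
                           else "possible false positive"),
        }
    return summary


def gate_release(detections, investigations):
    """Decide whether a release may proceed.

    Returns (decision, findings), where decision is one of:
      "block"   - an investigation concluded the build/release environment was compromised
      "hold"    - at least one flagged file has no completed investigation
      "release" - every flagged file was investigated and found benign
    """
    summary = summarize(detections)
    closed = {i.path: i for i in investigations}
    findings = []
    any_open = False
    any_compromise = False
    for path, info in sorted(summary.items()):
        inv = closed.get(path)
        if inv is None:
            status = "uninvestigated"
            any_open = True
        elif inv.outcome == "compromise":
            status = f"compromise ({inv.ticket})"
            any_compromise = True
        else:
            status = f"benign ({inv.ticket})"
        findings.append(f"{path}: {info['assessment']} "
                        f"[{len(info['scanners'])} engine(s), {info['ratio']:.0%}] -> {status}")
    if any_compromise:
        decision = "block"
    elif any_open:
        decision = "hold"
    else:
        decision = "release"
    return decision, findings


# Constructed sample input: one low-agreement hit already reviewed, one not yet reviewed.
SAMPLE_DETECTIONS = [
    Detection("lib/helper.dll", "EngineA", "Heur.Generic.Suspicious", 60),
    Detection("bin/installer.exe", "EngineB", "Trojan.Generic", 60),
    Detection("bin/installer.exe", "EngineC", "Malware.Heuristic", 60),
]
SAMPLE_INVESTIGATIONS = [
    Investigation("lib/helper.dll", "SEC-1234", "benign"),
]

if __name__ == "__main__":
    decision, findings = gate_release(SAMPLE_DETECTIONS, SAMPLE_INVESTIGATIONS)
    print(decision)
    for line in findings:
        print(" ", line)
```

Run as a script it prints `hold` for the sample, because `bin/installer.exe` has no investigation record; adding a benign investigation for it turns the decision into `release`, and a `compromise` outcome on any file turns it into `block` regardless of how few engines flagged that file.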
Incidence statistics
Not relevant for this type of issue.
Recommended reading
- False positive (External resource - NIST)