False Positive : False positive refers to a situation where an alert or alarm raised by a security system or SIEM solution does not correspond to an actual security threat. This is a false alarm and can waste the security team's time and resources.
False Negative : False negative refers to a situation where a real security threat is not detected, or is ignored, by a security system or SIEM solution. This could lead to a real threat being missed and a potentially serious security breach.
True Positive : True positive refers to a situation where a security system or SIEM solution correctly detects a real threat and generates an alarm or alert.
True Negative : True negative refers to a situation where no real threat is present and a security system or SIEM solution correctly generates no alarm or alert, so no false alarm is produced.
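
The four outcomes above can be measured for a detection rule by comparing its decisions with analyst-confirmed ground truth. The following is an added example, not part of the original page: the events, the "alert when failed logins reach a threshold" rule, and all names are constructed for illustration. It shows how raising the threshold trades false positives for false negatives.

```python
from collections import Counter

# Constructed sample: (source, failed_logins_in_5_min, is_real_attack).
# The ground-truth label is what an analyst concluded after triage.
EVENTS = [
    ("10.0.0.5", 2, False),
    ("10.0.0.7", 12, False),   # user retrying an expired password
    ("10.0.0.9", 40, True),    # password spraying
    ("10.0.0.11", 6, True),    # slow brute force
    ("10.0.0.13", 1, False),
    ("10.0.0.15", 25, True),
    ("10.0.0.17", 9, False),   # misconfigured service account
    ("10.0.0.19", 0, False),
]

def classify(alerted, is_attack):
    """Map one (rule decision, ground truth) pair to its outcome name."""
    if alerted:
        return "TP" if is_attack else "FP"
    return "FN" if is_attack else "TN"

def evaluate(events, threshold):
    """Apply the hypothetical rule 'alert when failures >= threshold' and tally outcomes."""
    counts = Counter({"TP": 0, "FP": 0, "FN": 0, "TN": 0})
    for _src, failures, is_attack in events:
        counts[classify(failures >= threshold, is_attack)] += 1
    return dict(counts)

def metrics(c):
    """Precision, recall and false positive rate; 0.0 when a denominator is empty."""
    def ratio(n, d):
        return n / d if d else 0.0
    return {
        "precision": ratio(c["TP"], c["TP"] + c["FP"]),
        "recall": ratio(c["TP"], c["TP"] + c["FN"]),
        "false_positive_rate": ratio(c["FP"], c["FP"] + c["TN"]),
    }

if __name__ == "__main__":
    for threshold in (5, 10, 20):
        c = evaluate(EVENTS, threshold)
        print(threshold, c, metrics(c))
```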