The answer is correct because during the validation process, manual verification or additional testing is usually needed to ascertain the accuracy of the vulnerability findings. Vulnerability scanners can sometimes generate false positives, where the vulnerability does not actually exist, or false negatives, where an existing vulnerability is not reported. Manual verification helps in confirming the true positives, reducing the risk of overlooking real threats or wasting resources on nonexistent issues.
Learn More
AI Generated Content may display inaccurate information, always double-check anything important.
What are false positives and false negatives in vulnerability scanning?
How do vulnerability scanners work?
Why is manual verification necessary in the vulnerability assessment process?