Remember this A false positive from a vulnerability scan indicates the scan detected a vulnerability, but the vulnerability doesn’t exist. Credentialed scans run under the context of a valid account and are typically more accurate than non-credentialed scans.
