The dreaded false positive exhaustion experienced by analysts brings with it numerous issues. Analysts begin ignoring reports, reviewing a false positive takes time and money, and incident response and threat hunting are affected. Scanning vendors continuously improve their procedures to better prevent false positives, but they still continue to have an impact on IT operations. The impact of false positives can be severe when benign reports create exhaustive overhead for your analysts. Worse yet, explaining to auditors why some items were marked can be tricky.