Alert treatment

How does Inopli perform verification and treatment of false positives during the alert analysis process?

Inopli’s false positive validation process is based on a pre-training phase known as low-rank adaptation, which uses documented rule definitions, previously handled incidents (human or automated), and SIEM alert characteristics to improve contextual accuracy.

During the alert handling process, Inopli evaluates and classifies each case according to learned patterns and operational feedback. Once the analysis is completed, the final disposition — including whether the alert was confirmed or dismissed as a false positive — is automatically recorded and made visible through the Alert Management Dashboard, where analysts and managers can track outcomes, recurrence, and quality of classification.
