if you have a firewall with us and you are getting false positives, this is what the explanation of false positive is


false positive A flagged event that isn’t really an event and has been falsely triggered. - This occurs when the intrusion-detection system detects a legitimate action as a possible intrusion

for example. lets say you are working in your network as normal. and then for some reason, the intrusion detection system sends you an alert saying there is a possible break-in in your network. when you look at the log to investigate, you find out that it was you who triggered the alert, but you were not hacking the system, you were just doing your normal work.

so its called a false because, you did not meant to break into the system

its positive, because whatever you were doing, triggered the condition for a possible hacking in your network. (even though you were not hacking into your system)