An instance in which a security tool intended to detect a particular threat fails to do so.
Sources:
NIST SP 800-83 Rev. 1
Incorrectly classifying malicious activity as benign.
Sources:
NIST SP 800-86