OpenVAS Quality of Detection (QoD)
What is Quality of Detection for OpenVAS?
Quality of detection (QoD) describes the reliability of a vulnerability test. The values range from 0% to 100%. For detailed information about the different QoD levels, see the OpenVAS/GVM documentation.
Why is QoD Useful?
QoD is useful for filtering out likely false positives. A test with a lower QoD is more likely to produce false positives.
What QoD filtering should I use?
There is no setting that is best for everyone. The right minimum QoD threshold depends on the systems being scanned and on your tolerance for false positives versus complete results. A common cause of false positives is open source software backporting security fixes while keeping the older package version number, so a test that checks only the version string still flags the package as vulnerable. If you are running Linux distributions with many backported fixes, you may see a higher rate of false positives from low QoD tests.
The default QoD is 70%. However, it can be helpful to run a scan at 0%, which will show you all possible findings. You can then review those findings to determine which threshold is best for your use case. Note: after you lower your OpenVAS QoD setting in HostedScan, you will need to rescan with OpenVAS to discover all of the lower QoD findings.
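The threshold tuning described above, as an added example that is not part of the original page or HostedScan's own code: it parses a small constructed report in the shape of an OpenVAS/GMP XML report (assumption: each `<result>` carries a `<qod><value>N</value></qod>` element), applies a minimum QoD, and sweeps several thresholds so you can see how many findings each one keeps.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the shape of a GMP/OpenVAS XML report (assumption: each
# <result> carries a <qod><value>N</value></qod>); hosts and findings are made up.
SAMPLE_REPORT = """<report>
  <results>
    <result id="r1"><name>Outdated OpenSSH version (banner)</name>
      <host>10.0.0.5</host><port>22/tcp</port>
      <qod><value>30</value><type>remote_banner_unreliable</type></qod></result>
    <result id="r2"><name>TLS 1.0 enabled</name>
      <host>10.0.0.5</host><port>443/tcp</port>
      <qod><value>98</value><type>remote_active</type></qod></result>
    <result id="r3"><name>Missing HTTP security headers</name>
      <host>10.0.0.7</host><port>80/tcp</port>
      <qod><value>80</value><type>remote_banner</type></qod></result>
    <result id="r4"><name>Possible vulnerable PHP version (banner)</name>
      <host>10.0.0.7</host><port>80/tcp</port>
      <qod><value>50</value><type>remote_banner_unreliable</type></qod></result>
  </results>
</report>"""

def parse_results(report_xml):
    """Return one dict per <result>, with qod as an int (missing QoD -> 0)."""
    root = ET.fromstring(report_xml)
    rows = []
    for r in root.iter("result"):
        qod_el = r.find("qod/value")
        rows.append({
            "id": r.get("id"),
            "name": r.findtext("name", ""),
            "host": r.findtext("host", ""),
            "port": r.findtext("port", ""),
            "qod": int(qod_el.text) if qod_el is not None and qod_el.text else 0,
        })
    return rows

def filter_by_qod(rows, min_qod=70):
    """Keep findings whose QoD meets the threshold (70 mirrors the default)."""
    return [r for r in rows if r["qod"] >= min_qod]

def qod_sweep(rows, thresholds=(0, 30, 50, 70, 80, 100)):
    """Count how many findings survive each threshold; handy when tuning."""
    return {t: len(filter_by_qod(rows, t)) for t in thresholds}

if __name__ == "__main__":
    rows = parse_results(SAMPLE_REPORT)
    for t, n in qod_sweep(rows).items():
        print(f"min QoD {t:3d}% -> {n} findings")
    for r in filter_by_qod(rows, 70):
        print(f"  kept: {r['host']}:{r['port']} {r['name']} (QoD {r['qod']}%)")
```

Running it shows the two banner-only findings dropping out as the threshold rises past their QoD, which is the trade-off between completeness and false positives the text describes.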
Where can I change the QoD for my HostedScan account?
You can change the QoD on your account settings page.