OpenVAS Quality of Detection (QoD)

What is Quality of Detection for OpenVAS?

What is a DAST scan?

Quality of detection (QoD) describes the reliability of a vulnerability test. The values range from 0% to 100%. For detailed information about the different QoD levels, see the OpenVAS/GVM documentation.

Why is QoD Useful?

QoD is useful for filtering false positive vulnerabilities. A lower QoD test is more likely to create false positives.

What QoD filtering should I use?

There is no setting that is best for everyone. The right minimum QoD threshold will depend on the systems being scanned and your tolerance for false positives vs complete results. A common cause of false positives is open source software backporting security fixes to older package version numbers. If you are running Linux distributions with many backported fixes, you may see a higher rate of false positives from low QoD tests.

The default QoD is 70%. However, it can be helpful to run a scan at 0%, which will show you all possible findings. You can then review those finding to determine what level is best for your use case. Note: after you lower your OpenVAS QoD setting in HostedScan, you will need to rescan with OpenVAS to discover all of the lower QoD findings.

Where can I change the QoD for my HostedScan account?

You can change the QoD on your account settings page.