OpenVAS Quality of Detection (QoD)

What is Quality of Detection for OpenVAS?

Quality of detection (QoD) describes the reliability of a vulnerability test. The values range from 0% to 100%. For detailed information about the different QoD levels, see the OpenVAS/GVM documentation.

Why is QoD Useful?

QoD is useful for filtering false positive vulnerabilities. A lower QoD test is more likely to create false positives.

What QoD filtering should I use?

There is no setting that is best for everyone. The right minimum QoD threshold will depend on the systems being scanned and your tolerance for false positives vs complete results. A common cause of false positives is open source software backporting security fixes to older package version numbers. If you are running Linux distributions with many backported fixes, you may see a higher rate of false positives from low QoD tests.

The default QoD is 70%. However, it can be helpful to run a scan at 0%, which will show you all possible findings. You can then review those findings to determine what level is best for your use case. Note: after you lower your OpenVAS QoD setting in HostedScan, you will need to rescan with OpenVAS to discover all of the lower QoD findings.
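
The review step described above, as an added example (not HostedScan or OpenVAS code). It assumes the results of the 0% scan are available as GVM-style XML in which each <result> carries <severity> and <qod><value>; the sample report and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like the <result> elements of a GVM XML report.
SAMPLE_REPORT = """<report><results>
<result><name>SSH server banner version check</name><host>10.0.0.5</host><severity>7.5</severity><qod><value>30</value></qod></result>
<result><name>TLS certificate expired</name><host>10.0.0.5</host><severity>5.0</severity><qod><value>99</value></qod></result>
<result><name>Web server outdated (banner)</name><host>10.0.0.8</host><severity>9.8</severity><qod><value>80</value></qod></result>
<result><name>Distribution package update missing</name><host>10.0.0.8</host><severity>8.1</severity><qod><value>97</value></qod></result>
<result><name>HTTP service probe heuristic</name><host>10.0.0.9</host><severity>4.3</severity><qod><value>50</value></qod></result>
</results></report>"""

def load_findings(xml_text):
    """Return (name, host, severity, qod) tuples for every <result>."""
    findings = []
    for r in ET.fromstring(xml_text).iter("result"):
        findings.append((
            r.findtext("name", "").strip(),
            (r.findtext("host") or "").strip(),
            float(r.findtext("severity", "0")),
            # A missing QoD is treated as 0 so it is never silently trusted.
            int(r.findtext("qod/value", "0")),
        ))
    return findings

def threshold_table(findings, thresholds=(0, 30, 50, 70, 80, 95)):
    """Number of findings that remain visible at each minimum QoD."""
    return {t: sum(1 for f in findings if f[3] >= t) for t in thresholds}

def hidden_high_severity(findings, min_qod, min_severity=7.0):
    """Findings the threshold would hide that still merit manual review,
    e.g. banner-based checks on hosts where fixes may be backported."""
    return [f for f in findings if f[3] < min_qod and f[2] >= min_severity]

if __name__ == "__main__":
    found = load_findings(SAMPLE_REPORT)
    for threshold, count in threshold_table(found).items():
        print(f"min QoD {threshold:>3}%: {count} findings shown")
    for name, host, sev, qod in hidden_high_severity(found, 70):
        print(f"hidden at 70%: {name} on {host} (severity {sev}, QoD {qod}%)")
```

Confirm or dismiss each hidden high-severity finding by hand (for example, by checking the installed package's patch level) before settling on a threshold that filters it out.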

Where can I change the QoD for my HostedScan account?

You can change the QoD on your account settings page.
