On what OpenVAS is based on to determine the value of Qod ?
Every vulnerability test (VT) defines a QoD. Its value depends on the reliability of the detection. For example web server banners have a low QoD and local version checks have a high QoD.
2 Likes
I get it thank you.
How can we determine false positifs or false negatifs based o QoD?
Results with low QoD are more likely false positives.
2 Likes
What’is the threshold of a false positive?
You need to check this manually, it is not generic at all. You are just less certain that is is evident with a low QoD.
2 Likes