Scanning only for Medium / High vulnerabilities


Is there any way to scan only for high / medium vulnerabilities, skipping Low/ Log vuln types ?
Filtering them at the report level isn’t really efficient as it significantly slow down big tasks and grow the DB uselessly.

I’ve looked at creating a custom scan configs, but you can’t filter vuln by criticity level, so it doesn’t help.


No it isn’t. Also often the VTs which are creating only log messages are dependencies of VTs for serious vulnerabilities. Simple example if the is a VT which detects the Apache Web Server and logs its banner it might be a dependency of other VTs for running more specific vulnerability tests.


OK. Thanks for the clarification.