I’ve been doing VA scans, and at some point I found out that my results are very… Little. Sure, less vulnerabilities are good, but… I was expecting more.
What I meant was, I was expecting to see several vulnerabilities, however the completed scan only highlighted a few.
The host, from netstat, shows way more ports than the Openvas could report.
And I did the default full and fast scans, you can be sure I wasn’t playing with the scan config.
And I also did nmap on the host, which did show a pretty good reflection of the netstat.
But one could also argue perhaps, those ports aren’t a security issue so it wasn’t in the report.
the same answer as given in the thread below should be valid here as well.
Unfortunately this is a question no one can answer you without having knowledge of / deep insights into your scanned environment. The amount of results for a scan highly depends on various factors like:
exposed and identified services, applications
existing vulnerabilities within this services/applications
coverage of 1. and 2. within the feed
the chosen port list (e.g. All TCP vs. nmap top 1000) assigned to your task / target