Passive Scan Rules
This screen allows you to configure the passive scan rules.
Threshold
This controls how likely ZAP is to report potential vulnerabilities.
- If you select Off then the scan rule won't run.
- If you select Low then more potential issues will be raised, which may increase the number of false positives.
- If you select High then fewer potential issues will be raised, which may mean that some real issues are missed (false negatives).