What you'll learn:
- Installation and management of OpenVAS/GVM
- Complete host scan, server scan and database scan with OpenVAS/GVM.
- Behind the scene of Vulnerability scanning with OpenVAS.
OpenVAS/GVM is a fully-featured vulnerability scanner, but it’s also one component of the larger “Greenbone Security Manager” (GSM).
OpenVAS dates back to 2009 and the project is maintained by a commercial/open-source company. With its focus on the enterprise market and its long history, any risks of enterprises adopting a technology that might become abandoned are greatly reduced.
Here are some notable positives of OpenVAS/GVM:
Has a long history (since 2009) with daily updates and over 50,000 vulnerability tests
Is backed by an enterprise software-security company
Can perform various types of authenticated/unauthenticated tests
Supports a variety of high- and low-level Internet and industrial protocols
Has an internal programming language that can be used for implementing custom vulnerability tests
Vulnerability scanning is one of the foundations of standard enterprise security. An enterprise with a good security posture will have: a firewall, some type of asset-mapping, a vulnerability scanner and possibly even a security team that does some type of pentesting. Keep in mind that the list above is not exhaustive, but the rudimentary outline of an enterprise with a few good security measures in place.
Vulnerability scanners, in particular, are critical for ensuring that any threats that may have made it past the firewall are picked up before they can infect and destroy entire networks.
The enterprise/proprietary vulnerability scanner market is filled with competitors (such as QualysGuard or Nessus), and while some companies prefer running proprietary enterprise scanners, there are also many companies that prefer using collective intelligence and open source scanners.
One such product is OpenVAS (now renamed Greenbone Vulnerability Management or GVM). In this post we’ll refer to OpenVAS/GVM interchangeably, as the old name is still used to identify the software.