Configs · May 17, 2026 · 1 min read

Greenbone OpenVAS — Open Source Vulnerability Scanner

Greenbone OpenVAS is the open-source vulnerability assessment scanner that checks networks and hosts for known security issues using a continuously updated feed of vulnerability tests.

Universal CLI install command
npx tokrepo install 2ec261d6-51ca-11f1-9bc6-00163e2b0d79

Introduction

OpenVAS (Open Vulnerability Assessment Scanner) is the scanning engine at the core of the Greenbone Community Edition. It performs network vulnerability assessments by running thousands of Network Vulnerability Tests (NVTs) against target hosts, identifying missing patches, misconfigurations, and known CVEs.

What OpenVAS Does

  • Scans networks and individual hosts for known vulnerabilities using NVT scripts
  • Identifies missing OS and application patches, weak configurations, and exposed services
  • Generates detailed reports with severity ratings, CVE references, and remediation advice
  • Supports authenticated scans via SSH and SMB for deeper host-level checks
  • Receives daily feed updates with new vulnerability tests from the Greenbone Community Feed

Architecture Overview

The Greenbone stack consists of several components: the OpenVAS scanner engine (written in C), the Greenbone Vulnerability Manager (gvmd) for orchestration, a PostgreSQL database for storing results, and the Greenbone Security Assistant (GSA) web UI. The scanner executes NASL-based vulnerability test scripts against targets. Results flow through gvmd into the database, and users interact with the system through the GSA web dashboard or the GMP protocol API.

Self-Hosting and Configuration

  • Deploy using the official Greenbone Community Edition Docker Compose file
  • The stack includes openvas-scanner, gvmd, gsad (web UI), PostgreSQL, Redis, and the notus-scanner
  • Initial feed synchronization can take 30-60 minutes on first startup
  • Access the web dashboard on port 9392 with the default admin credentials
  • Create scan targets and tasks from the dashboard, then schedule or run them on demand

Key Features

  • Over 100,000 network vulnerability tests updated daily from the community feed
  • Authenticated scanning for Linux (SSH) and Windows (SMB/WMI) hosts
  • Configurable scan policies ranging from quick discovery to full deep audit
  • Export reports in PDF, CSV, XML, and other formats for compliance documentation
  • GMP API for automation and integration with ticketing and SIEM systems
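
The XML export and the SIEM/ticketing integration listed above can be joined by a short triage step that keeps only findings at or above a severity threshold. This is an added example, not code from Greenbone or from this page; the element names (`result`, `host`, `port`, `severity`, `nvt` with `oid`, `ref type="cve"`) and the sample report are assumptions modeled on the XML report export, so check them against a report from your own installation.

```python
import json
import xml.etree.ElementTree as ET

# Constructed sample (not real scan output). Element names are an assumption
# modeled on the XML report export; OIDs and CVE ids are placeholders.
SAMPLE_REPORT = """\
<report><results>
  <result id="r-1"><name>Constructed finding A</name>
    <host>192.0.2.10</host><port>443/tcp</port><severity>9.8</severity>
    <nvt oid="0.0.0.1"><refs><ref type="cve" id="CVE-0000-0001"/></refs></nvt>
  </result>
  <result id="r-2"><name>Constructed finding B</name>
    <host>192.0.2.11</host><port>22/tcp</port><severity>5.3</severity>
    <nvt oid="0.0.0.2"><refs><ref type="url" id="https://example.invalid/"/></refs></nvt>
  </result>
  <result id="r-3"><name>Constructed log entry</name>
    <host>192.0.2.10</host><port>general/tcp</port><severity></severity>
    <nvt oid="0.0.0.3"/>
  </result>
</results></report>
"""

def triage(report_xml, min_severity=7.0):
    """Return findings at or above min_severity, highest severity first."""
    findings = []
    for res in ET.fromstring(report_xml).iter("result"):
        try:
            severity = float(res.findtext("severity") or "")
        except ValueError:
            continue  # missing or non-numeric severity: nothing to rank
        if severity < min_severity:
            continue
        nvt = res.find("nvt")
        cves = [] if nvt is None else sorted(
            r.get("id") for r in nvt.iter("ref") if r.get("type") == "cve" and r.get("id"))
        findings.append({
            "host": (res.findtext("host") or "").strip(),
            "port": (res.findtext("port") or "").strip(),
            "name": (res.findtext("name") or "").strip(),
            "nvt_oid": nvt.get("oid") if nvt is not None else None,
            "severity": severity,
            "cves": cves,
        })
    return sorted(findings, key=lambda f: (-f["severity"], f["host"], f["port"]))

def to_jsonl(findings):
    """Serialize one JSON object per line for a log collector to ingest."""
    return "\n".join(json.dumps(f, sort_keys=True) for f in findings)
```

Calling `to_jsonl(triage(SAMPLE_REPORT))` emits one line for the 9.8 finding; lowering `min_severity` widens the set, and results without a numeric severity are always skipped.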

Comparison with Similar Tools

  • Nessus — commercial scanner with a larger proprietary plugin library; OpenVAS is free and open-source
  • Nuclei — template-based scanner focused on web applications; OpenVAS covers broader network infrastructure
  • Qualys VMDR — cloud-based enterprise platform; OpenVAS runs entirely on-premise
  • Trivy — container and code vulnerability scanner; OpenVAS targets live network hosts and services

FAQ

Q: Is OpenVAS really free? A: Yes. The Greenbone Community Edition and its vulnerability feed are free. Greenbone sells commercial enterprise editions with additional features.

Q: How often are vulnerability tests updated? A: The community feed is updated daily with new NVTs covering recently disclosed CVEs.

Q: Can I scan cloud infrastructure? A: Yes, as long as the scanner has network access to the targets. Ensure your cloud provider allows vulnerability scanning.

Q: How much disk space does it need? A: Plan for at least 8 GB of RAM and 20 GB of storage for the database and feed data.
