OpenVAS: The Ultimate Guide to Network Vulnerability Scanning

OpenVAS Unveiled: The Backbone of Comprehensive Network Security Assessments

Published: 2026-03-16

OpenVAS: The Definitive Guide to Network Vulnerability Scanning

Master OpenVAS with Securelic

While web application scanners (DAST) focus on the application layer, securing your underlying infrastructure requires a different beast. Enter OpenVAS (Open Vulnerability Assessment System), the world’s most advanced open-source network security scanner.

As part of the Greenbone Vulnerability Management (GVM) framework, OpenVAS is designed to scan every corner of your network to identify exposures before they can be exploited. In this guide, we’ll explore what OpenVAS is, what it can scan and why it’s essential for modern vulnerability management.

What is OpenVAS?

OpenVAS is a full-featured vulnerability scanner that performs thousands of individual tests against target systems. Originally a fork of the famous Nessus scanner, it has evolved into a powerhouse maintained by Greenbone.

It operates by using a massive database of Network Vulnerability Tests (NVTs). These tests are updated daily via a feed, ensuring that the scanner is aware of the latest CVEs (Common Vulnerabilities and Exposures) and zero-day threats.

What Can You Scan with OpenVAS?

One of the greatest strengths of OpenVAS is its versatility. It doesn’t just look at a website; it looks at everything that powers it:

  • Operating Systems: Identification of unpatched vulnerabilities in Linux, Windows and macOS.
  • Network Hardware: Checking for misconfigurations in routers, switches and firewalls.
  • Services & Protocols: Testing common services like SSH, FTP, SMTP and DNS for weak configurations.
  • Databases: Scanning MySQL, PostgreSQL and Oracle instances for exposure.
  • Virtualization & Cloud: Assessing vulnerabilities in Docker containers, VMware and cloud hosted assets.

Which Vulnerabilities Can It Discover?

OpenVAS is designed to find architectural and systemic flaws that web-only scanners might miss. Key discoveries include:

1. Missing Security Patches

OpenVAS detects if your OS or installed software is running an outdated version that is susceptible to known exploits (CVEs).

2. Default & Weak Credentials

It attempts to log in with common default passwords across various services, identifying one of the most frequent entry points for attackers.

3. Insecure Configurations

From weak SSL/TLS ciphers to unnecessary open ports, it highlights configurations that deviate from security best practices.

4. Backdoors and Malware

OpenVAS can identify the presence of known backdoors or signs of an existing compromise within the network environment.

Why Integrate OpenVAS with Securelic?

Managing a standalone OpenVAS instance can be complex due to its heavy resource requirements and intricate reporting. Securelic bridges this gap by:

  • Unified Dashboard: Aggregating OpenVAS network scans with your OWASP ZAP and Nuclei application-layer scans.
  • Intelligent Prioritization: Sorting thousands of potential vulnerabilities by actual risk level (CVSS scores).
  • Continuous Attack Surface Management (ASM): Ensuring that as soon as a new asset joins your network, it is automatically inventoried and scanned for flaws.

By leveraging OpenVAS within a broader ASM strategy, you move from reactive patching to a proactive, impenetrable defense.
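
The CVSS-based prioritization described above, as an added example (not Securelic's or Greenbone's code): it parses a scan report, drops log-only and low-confidence results, and ranks hosts by their worst finding. The element names (`result`, `host`, `port`, `severity`, `qod/value`) are assumed from the GVM XML report export, the QoD threshold of 70 is an assumption, and the function names and sample report are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample modeled on a GVM XML report export (assumed layout);
# hosts are RFC 5737 documentation addresses, findings are invented.
SAMPLE_REPORT = """<report><results>
<result><name>SSH default credentials accepted</name><host>192.0.2.10</host>
 <port>22/tcp</port><severity>9.8</severity><qod><value>95</value></qod></result>
<result><name>Weak TLS cipher suites offered</name><host>192.0.2.10</host>
 <port>443/tcp</port><severity>5.9</severity><qod><value>98</value></qod></result>
<result><name>Outdated OS package</name><host>192.0.2.20</host>
 <port>general/tcp</port><severity>7.5</severity><qod><value>97</value></qod></result>
<result><name>Possible backdoor banner</name><host>192.0.2.20</host>
 <port>8081/tcp</port><severity>10.0</severity><qod><value>30</value></qod></result>
<result><name>Open port inventory</name><host>192.0.2.30</host>
 <port>general/tcp</port><severity>0.0</severity><qod><value>80</value></qod></result>
</results></report>"""

def band(score):
    """CVSS v3.x qualitative rating for a base score."""
    for floor, label in ((9.0, "Critical"), (7.0, "High"), (4.0, "Medium"), (0.1, "Low")):
        if score >= floor:
            return label
    return "None"

def load_findings(xml_text, min_qod=70):
    """Keep results with a positive score and enough detection confidence (QoD)."""
    findings = []
    for r in ET.fromstring(xml_text).iter("result"):
        score = float(r.findtext("severity") or 0)
        qod = int(r.findtext("qod/value") or 0)
        if score <= 0 or qod < min_qod:  # log-only entries and low-confidence hits
            continue
        findings.append({"host": (r.findtext("host") or "").strip(), "port": r.findtext("port"),
                         "name": r.findtext("name"), "score": score, "qod": qod})
    return findings

def rank_hosts(findings):
    """Group by host; order hosts by worst score, then by number of findings."""
    by_host = defaultdict(list)
    for f in findings:
        by_host[f["host"]].append(f)
    ranked = [(h, max(f["score"] for f in fs), sorted(fs, key=lambda f: -f["score"]))
              for h, fs in by_host.items()]
    return sorted(ranked, key=lambda r: (-r[1], -len(r[2]), r[0]))

if __name__ == "__main__":
    for host, worst, items in rank_hosts(load_findings(SAMPLE_REPORT)):
        print(f"{host}  worst={worst} ({band(worst)})")
        for f in items:
            print(f"  {f['score']:>4}  {band(f['score']):8}  {f['port']:12} {f['name']}")
```

Lowering `min_qod` brings the 10.0 result on 192.0.2.20 back into the ranking, which shows how a confidence filter changes what gets patched first.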
