The Open Vulnerability Assessment System (OpenVAS) is the most widespread Open Source solution for vulnerability scanning and vulnerability management. It is used and improved world wide by people ranging from security experts to private users.
Community Site: www.openvas.org
Current version: 8
Greenbone's contribution: over 80%
OpenVAS is the central framework of Greenbone OS. The Greenbone development team leads the OpenVAS development since 2005. The international OpenVAS developer conference was held Greenbone in Osnabrück in 2007, 2009 and 2011, 2013 and 2015 in Hildesheim.
In technical terms, the basis of OpenVAS is a service-oriented client-server architecture: The OpenVAS framework consists of various modules, each with a clearly defined task. These communicate via well established protocols. The communication is consistently SSL-secured.
The internal architecture follows the approach of task-oriented components. In other words, instead of an all-in-one-tool, each task is designed as a service. For example, the OpenVAS Manager is a client of the OpenVAS Scanner service. At the same time the OpenVAS Manager is a service for the Greenbone Security Assistant.
- Small, focussed components can be implemented and operated transparently and securely. Each components uses only the system privileges that it needs to operate properly.
- Each of the service components offers a well-defined communication protocol.
The Manager is the central service that consolidates plain vulnerability scanning into a full vulnerability management system. It controls one or more Scanners as well as other Managers when in master-slave mode. Furthermore, the Manager controls the internal central SQL database where all scan results and configurations are stored.
Various client tools can use the Manager via the XML based stateless OpenVAS Management Protocol (OMP). All intelligence such as sorting or filtering is done by the Manager. This way it is ensured that the user gets a consistent view of the results, no matter which client tool is used.
The Scanner very efficiently executes the actual Network Vulnerability Tests (NVTs) which are updated daily via the Feed. This core of the scan engine is controlled by the OpenVAS Manager.
This service unifies the control of various scanners. For example this allows to integrate web application scanners or OVAL scanners. This service makes the scanner available to OpenVAS Manager and thus they can be used in the same way like OpenVAS Scanner.
Greenbone Security Assistant (GSA)
The Greenbone Security Assistant is a lean web service designed with security in mind. It implements the full functionality offered by OpenVAS Manager.
This module primarily contains the command line tool "omp". It allows a user to build batch processes to control the OpenVAS Manger.
Source Code Architecture
The structure of the source code supports the component-oriented and security-aware tool architecture:
- avoid redundant source code: any code used by more than one component is part of one of the five libraries.
- avoid dependencies on non-common third-party code: rely only on widely used and proven core libraries.