PickYourTechPickYourTech home
OpenVAS Scanner logo

OpenVAS Scanner

Powerful, continuously updated vulnerability scanner for comprehensive security testing.

Vulnerability Scanners

The OpenVAS Scanner provides a full-featured, continuously updated vulnerability testing engine, buildable from source, with Rust‑based integration and optional Docker containers for flexible deployment.

OpenVAS Scanner banner

Overview

Overview

The OpenVAS Scanner delivers a robust vulnerability testing engine that continuously receives updated vulnerability tests (VTs). It is aimed at security professionals, system administrators, and DevOps teams who need on‑premise, customizable scanning capabilities and wish to integrate with Greenbone Enterprise appliances or other GVM modules.

Deployment Options

Users can compile the scanner from source using CMake and Make, or leverage the Rust implementation that centralizes the scanning stack while still using the proven C engine. For rapid provisioning, official Docker images are available from the Greenbone registry, though they remain under active development. A pre‑configured Greenbone Community Trial virtual machine is also offered for those uncomfortable building from source.

Maintenance & Support

All releases are signed with the Greenbone Community Feed GPG key, ensuring integrity. The project is maintained by Greenbone AG under the GPL‑2.0 license, encouraging community contributions while providing a stable foundation for vulnerability assessment.

Highlights

Continuously updated vulnerability test feed
Native Rust implementation centralizing scanner components
Flexible deployment via source build or Docker containers
Signed release packages verified with Greenbone GPG key

Pros

  • High detection coverage from extensive VT feed
  • Open source GPL‑2.0 license encourages community contributions
  • Rust integration simplifies configuration and future development
  • Official Docker images enable quick, reproducible environments

Considerations

  • Building from source requires C/C++ toolchain and familiarity with CMake
  • Container images are still under development and may lack full stability
  • Rust implementation currently wraps the existing C scanner, not a full rewrite
  • Limited official support outside Greenbone Enterprise offerings

Managed products teams compare with

When teams consider OpenVAS Scanner, these hosted platforms usually appear on the same shortlist.

Qualys VMDR logo

Qualys VMDR

Risk-based vulnerability management with automated prioritization and patching.

Rapid7 InsightVM logo

Rapid7 InsightVM

Vulnerability management with live dashboards, unified agent, and risk-based prioritization

Tenable Vulnerability Management logo

Tenable Vulnerability Management

Risk-based vulnerability management for continuous discovery, prioritization, and remediation

Looking for a hosted option? These are the services engineering teams benchmark against before choosing open source.

Fit guide

Great for

  • Security teams needing a customizable, on‑premise vulnerability scanner
  • DevOps engineers who prefer containerized security tooling
  • Researchers wanting to extend or audit the scanner codebase
  • Organizations that require signed, verifiable release binaries

Not ideal when

  • Users seeking a turnkey commercial scanner with dedicated vendor support
  • Environments without ability to compile C/Rust code
  • Small businesses preferring cloud‑based SaaS scanning solutions
  • Teams that need a fully stable container image out‑of‑the‑box

How teams use it

Internal network assessment

Identify vulnerable hosts across the corporate LAN and generate detailed remediation reports.

Continuous integration pipeline

Run automated scans on staging environments via Docker to catch regressions before release.

Custom vulnerability development

Extend NASL scripts using the open source codebase to test proprietary applications.

Training and certification

Deploy the Greenbone Community Trial VM for hands‑on learning of vulnerability management workflows.

Tech snapshot

Rust50%
C36%
NASL11%
Shell1%
Yacc1%
CMake1%

Tags

fooopenvas-scanneropenvasvulnerabilityvulnerability-detectiongreenbone-community-editiontechopsvulnerability-managementscannergreenbonegreenbone-vulnerability-managementgvmcvulnerability-scannersvulnerability-assessment

Frequently asked questions

How do I verify the integrity of a release?

All release files are signed with the Greenbone Community Feed GPG key; download the key from greenbone.net and verify the fingerprint.

Can I run the scanner without building from source?

Yes, you can use the provided Docker images or the pre‑configured Greenbone Community Trial virtual machine.

What language is the new implementation written in?

The new scanner stack is being rewritten in Rust while still leveraging the existing C engine.

Is there commercial support available?

Commercial support is offered through Greenbone Enterprise products; the community edition is maintained by Greenbone AG without a support SLA.

Which operating systems are supported?

The scanner builds on typical Linux distributions that provide a C/C++ toolchain and Rust compiler; container images run on any Docker‑compatible host.

Project at a glance

Active
Visit siteView repo
Stars
4,355
Watchers
4,355
Forks
753
LicenseGPL-2.0
Repo age8 years old
Last commityesterday
Primary languageRust

Last synced yesterday