English | Deutsch
Home »

Project News

See our News Archive for a complete list of OpenVAS project news.

April 2nd, 2015 - OpenVAS-8 released: Charts, Quality of Detection and PostgreSQL-Support

Following the annual release cycle, the new generation of OpenVAS [1] has been released. The new version of the open framework for vulnerability scanning and management, OpenVAS-8, introduces a comprehensively extended and improved feature set. Advances and improvements were achieved in virtually all areas.

Highlights of this new release are the chart module for a variety of graphical representation, the Quality of Detection (QoD) concept and the optional support of PostgreSQL as database backend. Major advances were also achieved for the access control management: more roles, group admins and super-admin to name just a few. Notable as well is the introduction of the optional multi-scanner support via the new protocol OSP (OpenVAS Scanner Protocol) for which a growing number of servers is expected for the future. Last but not least, the OpenVAS Scanner now requires less ressources and uses redis[2] for the inter-process communication.

All in all OpenVAS-8 ships 28 new and improved features, accompanied with countless smaller changes. The systematic improvements and reliable release of one major update every twelve months once again underlines the position of OpenVAS as the most advanced Open Source solution for vulnerability management. The new version can be downloaded free and is available as Free Software under the GNU GPL license.

The company Greenbone Networks [3] develops and uses OpenVAS as a base for its appliance product family for vulnerability scanning and management. Together with the company SecPod [4] and the growing community, new vulnerability tests and feature improvements are developed on a daily basis. The German Federal Office for Information Security (BSI) [5] supports and utilizes OpenVAS, together with many other federal agencies, as part of their IT security framework.

Read the full announcement

April 25th, 2014 - OpenVAS-7 released: Unified Severity Concept and Access Control Management

Following the annual release cycle, the new generation of OpenVAS [1] has been released. The new version of the open framework for vulnerability scanning and management, OpenVAS-7, introduces a comprehensively extended and improved feature set. Main advances/improvements were undertaken in three domains: improvements to the user interface for power users as well as for beginners, access control and module architecture improvements.

Highlights of this new release are the object tagging, replacememt of threat view by severity view and a new report browser. Another major change is the introduction of access control with groups, roles and permissions. On the architectural side two modules were dropped, the Administrator has been merged into Manager and the desktop client GSD has been dropped in favor of focussing web client advances.

All in all OpenVAS-7 ships 37 new and improved features, accompanied with countless smaller changes. The systematic improvements and reliable release of one major update every twelve months once again underlines the position of OpenVAS as the most advanced Open Source solution for vulnerability management. The new version can be downloaded free and is available as Free Software under the GNU GPL license.

The company Greenbone Networks [2] develops and uses OpenVAS as a base for its appliance product family for vulnerability scanning and management. Together with the company SecPod [3] and the growing community, new vulnerability tests and feature improvements are developed on a daily basis. The German Federal Office for Information Security (BSI) [4] supports and utilizes OpenVAS, together with many other federal agencies, as part of their IT security framework.

OpenVAS-7 can be experienced live at the Linuxtag Conference and Exhibition in Berlin (Germany) [5] from 8th to 10th of May 2014 at the BSI booth.

Read the full announcement

April 17th, 2013 - OpenVAS-6 released: Integrated security information and integration with security tool chain

In keeping with the annual release cycle, the new generation of OpenVAS [1] has been released. The open framework for vulnerability scanning and management, OpenVAS-6 introduces a comprehensively extended and improved feature set. Main advances/improvements were under taken in three domains: 1. improvements to the user interface for power users as well as for beginners, 2. comprehensive integration of international and regional security information and 3. integration with the security tool chain.

Highlights of this new release are the power filter concept and security information management. The latter integrates not only official cross reference of SCAP data right into scan results; with integrating security data of a major German computer emergency response team, DFN-CERT [2], it also adds analysis and reporting capabilities considering regional language and a regional security focus. Improved scan capabilities, password policies, a scan wizard and various other elements round up the new additions into this new generation of OpenVAS. Special attention was given to the integration with the security tool chain via a plugin for the system monitoring family around Nagios [3] and a connector for integrating with the information security management system (ISMS) verinice.PRO [4].

All in all 15 new features were added, accompanied with countless improvements. The systematic improvements and reliable release of one major update every twelve months once again underline the position of OpenVAS as the most advanced Open Source solution for vulnerability management. The new version can be downloaded free and is available as Free Software under the GNU GPL license.

The company Greenbone Networks [5] develops and uses OpenVAS as a basis for its appliance product family for vulnerability scanning and management. Together with the companies SecPod [6], SecuritySpace [7] and the wider community, new vulnerability tests and feature improvements are developed on a daily basis. The German Federal Office for Information Security (BSI) [8] supports and utilizes OpenVAS, together with many other federal agencies, as part of their IT security framework. The company Greenbone Networks [5] develops and uses OpenVAS as a basis for its appliance product family for vulnerability scanning and management. Together with the companies SecPod [6], SecuritySpace [7] and the wider community, new vulnerability tests and feature improvements are developed on a daily basis. The German Federal Office for Information Security (BSI) [8] supports OpenVAS and uses it, together with many other federal agencies, for their IT security framework.

OpenVAS-6 can be experienced live at the Linuxtag Conference and Exhibition in Berlin (Germany) [9] from 22nd to 25th of May 2013 at the BSI booth.

Read the full announcement