Support contacts must be reasonably proficient in the use of information technology, the software they have purchased from Tenable, and familiar with the customer resources that are monitored by means of the software. Support contacts must speak English and conduct support requests in English. Support contacts must provide information reasonably requested by Tenable for the purpose of reproducing any Error or otherwise resolving a support request.
Nessus is a viable competitor to commercial products. It provides open, extensible source code; a robust scanning engine; and external, modular plugins that form the vulnerability-scan database. A community of developers maintains and updates the library of available plugins at the Nessus site. If you have in-house programming expertise, you can write a custom vulnerability plugin.
Nessus (originally called The Nessus Project) was created by Renaud Deraison in 1998 and was originally an open-source remote security scanner. Several years later, in 2005, Tenable Network Security changed Nessus over to a closed-source license. Today, Nessus is a vulnerability scanning platform used by over 27,000 organizations that can detect over 47,000 vulnerabilities.
OpenVAS is an open-source vulnerability scanner that started as a spin-off of Nessus called GNessUs. It took until 2006 for GNessUs to transform into the OpenVAS tool enterprises recognize today. By 2017, Greenbone had changed the OpenVAS framework to Greenbone Vulnerability Management and turned the OpenVAS Scanner into a module.
OpenRMF is the only web-based open source tool allowing you to collaborate on your DoD STIG checklists, DISA / OpenSCAP / Nessus SCAP scans, and Nessus ACAS patch data, then generate NIST compliance in minutes (or less). All with one tool!
As Nessus is not installed by default on Kali, you will need to download the Nessus software package prior to installation. First, start the Kali Linux operating system and launch a supported web browser. Follow the steps below to download the necessary Nessus installation files.
Verifying file integrity becomes especially important when you download a file from an external source, such as a vendor website. Compare the checksum listed on the download page with the hash you compute over the downloaded Nessus installation package, as shown below; a mismatch means the file was corrupted in transit or is not the package the vendor published, and it should not be installed.
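The checksum comparison described above, as an added shell example that is not part of the original page. The helper normalizes the published value (case, stray whitespace) before comparing, and refuses a missing file; the package contents and the wrong checksum in the demo are constructed placeholders, not real Nessus values.

```shell
#!/bin/sh
# verify_checksum FILE EXPECTED_SHA256
# Returns 0 when the computed SHA-256 of FILE matches EXPECTED_SHA256,
# 1 on mismatch, 2 when FILE does not exist. Nothing is installed here;
# the caller decides what to do with the result.
verify_checksum() {
    file="$1"
    expected="$2"
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
    # sha256sum prints "<hash>  <name>"; keep only the hash column.
    actual=$(sha256sum "$file" | awk '{print $1}')
    # Vendor pages sometimes show upper-case hex or trailing spaces; normalize.
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f' | tr -d '[:space:]')
    if [ "$actual" = "$expected" ]; then
        echo "OK: $file matches the published SHA-256"
        return 0
    fi
    echo "MISMATCH: $file" >&2
    echo "  expected: $expected" >&2
    echo "  actual:   $actual" >&2
    return 1
}

# Constructed demo: hash a throwaway file in place of a real installer,
# then check it against the correct value and against a tampered one.
demo_file=$(mktemp)
printf 'constructed package bytes, not a real Nessus installer\n' > "$demo_file"
demo_hash=$(sha256sum "$demo_file" | awk '{print $1}')
verify_checksum "$demo_file" "$demo_hash" || true        # prints OK
verify_checksum "$demo_file" \
    "0000000000000000000000000000000000000000000000000000000000000000" || true  # prints MISMATCH
rm -f "$demo_file"
```

In practice you would call `verify_checksum Nessus-<version>.deb '<value copied from the download page>'` and only proceed with `dpkg -i` when it returns 0.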
As part of our continuing mission to reduce cybersecurity risk across U.S. critical infrastructure partners and state, local, tribal, and territorial governments, CISA has compiled a list of free cybersecurity tools and services to help organizations further advance their security capabilities. This living repository includes cybersecurity services provided by CISA, widely used open source tools, and free tools and services offered by private and public sector organizations across the cybersecurity community. CISA will implement a process for organizations to submit additional free tools and services for inclusion on this list in the future.
Free and open-source software (FOSS) for vulnerability management does not exist in any single project. We tested a few different vulnerability scanners, which is just one activity inside vulnerability management (albeit an important one).
In an ideal world, you would have both types of scanners deployed on your network and systems: one type identifies and scans systems connected to the network(s), and the other connects with credentials and pulls the list of installed software and vulnerabilities. In open-source vulnerability scanning these are two separate initiatives, whereas commercial scanners introduced credentialed and agent-based scanning some time ago.
The results varied between projects. OpenVAS provided some of the best results in terms of accuracy and coverage. Nmap plus Vulners produced a very false-positive-heavy result set that was difficult to parse or integrate with any other solution (commercial or open source). Vuls.io was its own unique experience: provided you can set it up properly, it delivered very detailed and accurate results, but the web interface for sorting and filtering results requires a great deal of study before it can be useful. The most impactful observation is this: you can get good coverage and accuracy with FOSS vulnerability scanners, but you will have to work hard to turn this activity into even a rudimentary vulnerability management system. You can collect a large mass of results, but it's up to you to put all the pieces together in order to report the findings to the right people and track remediation.
In 2005, the developers of the vulnerability scanner Nessus decided to discontinue the work under open-source licenses and switch to a proprietary business model. This left Nessus version 2.x as open source and all future versions (3.x and beyond) as proprietary software. Several forks of Nessus were created as a reaction to the discontinuation of the open-source solution. OpenVAS, the Open Vulnerability Assessment System, being the most popular Nessus fork, garnered a lot of attention and support from the security community.
Today OpenVAS is one component of the Greenbone Vulnerability Management (GVM) suite, available as both open-source and commercial software. Seven GitHub repositories now make up the entire suite of software that allows you to scan your networks for vulnerabilities, collect and manage results, and integrate with other solutions.
Total cost: If you are willing to deploy and maintain the Docker containers for GVM the cost for the software is free and you will have to put minimal time and resources into maintaining the scanner itself.
Weaknesses: The open-source graphical user interface (GSA, Greenbone Security Assistant) is functional and an improvement over previous versions; however, it lacks a modern look and feel. The actions are accessed via small icons in the top left and right of the interface, and it takes some time to learn which icon performs which action. The various components must all work together for scans to run, so troubleshooting could be an issue if problems arise.
Support options: Greenbone maintains a community forum where volunteers help solve problems and offer advice for the most common issues. If you do not wish to run the open-source version, Greenbone offers both commercial solutions and support options.
The free and open-source version of GVM can be deployed as a VM, a Docker container, or compiled from source. In our testing it is easy to get GVM running via a Docker container. While there are several different projects to choose from on DockerHub, we found this project from Immauss Cybersecurity to be the best and most up to date. In fact, after our testing was complete the project released a new version based on the latest version of GVM (21.4.3 at the time of this writing, while testing was performed using version 20.08). The documentation for setup and deployment can be found here:
I plan to use the Docker container version of GSM to perform regular scans of my network. The team at Greenbone has made huge strides in usability and performance. I re-ran some of my testing using the latest version, 21.4.3, and found it to be more responsive, with scans completing even faster. GSM is, by far, the best open-source vulnerability scanner out there today. The comprehensive set of plugins and security checks, along with the set of features offered in the Greenbone Security Manager, is truly amazing for software offered for free.
Free and open-source software may have a place in your security program, depending on your requirements, environment, and the skills that exist in your team. There are certain projects for which you may choose open-source software, and some where you may want to implement commercial software. The choices are yours and depend on many variables. With respect to vulnerability scanning, you may choose open-source software; in fact, we highly recommend the free version of OpenVAS to get you started when building a vulnerability management program. You will need other components, but to help prove the value, open-source software can be a great place to start with vulnerability scanning.
I believe that all the projects in this review have their place, and at the very least deserve to be tested. Nmap with Vulners is a suitable place to start, especially for penetration testers looking to get a fast scan on a small number of targets that they are planning to investigate further. OpenVAS, the free and open-source version, has an impressive architecture and plugin set for a tool that you can easily set up and deploy for free. Vuls.io comes in handy for Linux-heavy shops that are looking to track Linux system vulnerabilities to ensure the patching system is working correctly. These tools are a great proving ground for selling security to management, proving a concept or process, and helping test that your security program is working.
OpenVAS has been developed and driven forward by the company Greenbone Networks since 2006. As part of the commercial vulnerability management product family Greenbone Enterprise Appliance, the scanner forms the Greenbone Community Edition together with other open-source modules.
Nessus offers enhanced versions of the Nessus Vulnerability Scanner software which we are not permitted to include in the NST distribution. However, you can download and install this enhanced version of the Nessus Vulnerability Scanner software yourself.