One year after OpenVAS-4 , The OpenVAS project development team has released the fifth version of their vulnerability scanning and management tool. The new version has several new features , also the number of freely available vulnerability checks has increased to over 25,000.
A very practical extension is the possibility to show the differences between two scan reports and the direct availability of current CPE and CVE information inside the OpenVAS database. This saves time for users who are finding out about changes and security recommendations. The new asset management adds a second view on scan results. It allows the user to review scan results for any selection of IP devices in the network.
All in all 20 new features were added, especially focusing on simplifying daily use. The systemtic improvements underline the position of OpenVAS as the most advanced Open Source solution for vulnerability management. The new version can be downloaded free and is available as Free Software under the GNU GPL license.
- Delta reports to analyse differences between two scans.
- Security Information Database: Integrated SCAP data (CPE, CVE) including update method via feed service.
- Integrated Asset Management.
- Configuration object ‘Port Lists’ for transparent TCP/UDP port ranges.
- Prognostic scans based on asset data and current SCAP data.
- Support for individual time zones for users.
- Support for obeservers (granting read-only access)
- Support for notes/overrides lifetimes.
- Trashcan for collecting removed items before ultimate deletion.
- Container tasks for importing reports.
- SSH port for Local Security Checks configurable.
- Product detections as reported by Scanner are handled to allow detailed cross-referenced detection information.
- Support for sorting results by CVSS score.
- Support for importing results sent through the XML escalator.
- Support for escalating result to a Sourcefire Defense Center.
- Support for using an SSH key pair for SSH authentication.
- Individual user settings, starting with time zone.
- Display single result details.
- Icon indicators for detected operating systems.
- LDAP per-user authentication method.
The full announcement can be found here.