14
I Use This!
Activity Not Available

Ratings and Reviews

Analyzed over 1 year ago. based on code collected over 1 year ago.
Community Rating
4.2
   

Average Rating:   4.2/5.0
Number of Ratings:   5
Number of Reviews:   1

My Review of OpenVAS

You have not rated or reviewed this project.
Click below to rate/review.
My Rating:
0
 
 New Review

Most Helpful Reviews

ihacksites says:
Cf9e28e6b442c53a2d4b75202d9cf0e4?&s=58&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon80
A solid performer  
4.0
   
written over 5 years ago

A mini review from the boarding gate.

OpenVAS powers the on-line service at http://hackertarget.com/openvas-scan/. Version 4 has been reliable and a solid performer. To put it into context we have performed literally thousands of OpenVAS scans using the OMP command line interface. These scans have been executed over the Internet against a wide range of targets. In that time memory usage has been an issue on a few occasions, however this is when running multiple scans simultaneously on a moderately powered VPS.

So with the core being stable, any vulnerability scanner review must include the accuracy of the plug-ins.

Unfortunately I have no solid comparison data (does anyone?); I have compared plugin coverage versus Nessus and NexPose informally and on an ad-hoc basis. In some instances I find the OpenVAS plug-ins more accurate in others, the established commercial products are more accurate.

When performing vulnerability scans against a target as part of a formal assessment I lean towards using multiple tools, the same as using multiple anti-virus for email and web (one on the gateway and one on the client).

So even if you are coughing up the cash for a commercial option, having a reliable and well performing solution such as OpenVAS is an excellent alternative.

Did this review help you? |

Most Recent Reviews

ihacksites says:
Cf9e28e6b442c53a2d4b75202d9cf0e4?&s=58&rating=pg&d=http%3a%2f%2fopenhub.net%2fanon80
A solid performer  
4.0
   
written over 5 years ago

A mini review from the boarding gate.

OpenVAS powers the on-line service at http://hackertarget.com/openvas-scan/. Version 4 has been reliable and a solid performer. To put it into context we have performed literally thousands of OpenVAS scans using the OMP command line interface. These scans have been executed over the Internet against a wide range of targets. In that time memory usage has been an issue on a few occasions, however this is when running multiple scans simultaneously on a moderately powered VPS.

So with the core being stable, any vulnerability scanner review must include the accuracy of the plug-ins.

Unfortunately I have no solid comparison data (does anyone?); I have compared plugin coverage versus Nessus and NexPose informally and on an ad-hoc basis. In some instances I find the OpenVAS plug-ins more accurate in others, the established commercial products are more accurate.

When performing vulnerability scans against a target as part of a formal assessment I lean towards using multiple tools, the same as using multiple anti-virus for email and web (one on the gateway and one on the client).

So even if you are coughing up the cash for a commercial option, having a reliable and well performing solution such as OpenVAS is an excellent alternative.

Did this review help you? |