Security Feed

The Daily Vulnerability Update

The Greenbone Security Feed delivers the latest findings of security experts from all around the globe to your doorstep. Updates occur automatically as service component of the Greenbone Security Manager (GSM) and the Greenbone Cloud Services (GCS). They form a permanent stream of small procedures that the scanner uses to check all the devices in your network for known and potential security problems – day after day.

Our Security Feed covers more than 84,000 vulnerability tests. Which are these? Just take a look.

Facts
  • Content: thousands of Vulnerability Tests (VTs) as well as compliance rule sets
  • Started: 2008
  • Security: encrypted and signed
  • Transfer: optimized synchronization
  • Update: daily
  • Access/support: Greenbone Subscription
Features
  • Globally networked development team: North America, Europe and Asia
  • Multi-tier quality assurance process
  • Multiple daily updates
  • Encrypted transfer
  • Test routines are digitally signed
  • Vulnerability tests via remote network access
  • Vulnerability tests via credentials
Content
  • Tests according to CVE alerts
  • Tests according to Bugtraq alerts
  • Aggregate compliance rulesets
  • Controls for scan agents
  • Embedded Nmap NSE test routines
  • Coverage: MS Windows, GNU/Linux (Debian, Fedora, Mandriva, Redhat, SUSE, Ubuntu), Solaris, HP-UX, Cisco and various active networks components

Greenbone Community Feed and Greenbone Security Feed in Comparison

The Greenbone Community Feed (GCF) and the Greenbone Security Feed (GSF) differ in four main areas: content, scope, quality and availability.

Features GCF GSF
Included VTs Only basic VTs All VTs
Quality Assurance (QA) Variable Consistent
Availability No promise Assured with SLA
Fixes/Improvements No promise Assured with SLA
Support Via community on voluntary basis Assured with SLA
Updates Constant/daily, but without enterprise features Constant/daily
Transfer Unencrypted Encrypted
VT Signatures Transfer integrity SLA for QA/fixes

All Vulnerability Tests (VTs) developed by Greenbone Networks are included in the professional GSF, but not in the GCF.

Group GCF GSF
Hot VTs Yes Yes
VTs for Home Products Yes Yes
German “IT-Grundschutz” Yes Yes
VTs for Enterprise Products No Yes
Compliance (e.g., PCI, ISO27001) No Yes
Operational Technology (ICS/SCADA) No Yes
Signed VTs No Yes

How is the Greenbone Security Feed developed?

Security messages can have different sources: security communities, technology partners, customer feedback, our own Greenbone labs and many more.

Each security message automatically generates a ticket in our VT management system. The ticket is screened in the Greenbone labs and subjected to further investigation. After implementation and quality assurance, the ticket is released into the feed service.

We also subject VTs that our technology partners or security communities have already fully implemented to similar testing phases – because quality is our top priority.