Security Feed
The Daily Vulnerability Update
The Greenbone Security Feed delivers the latest findings of security experts from all around the globe to your doorstep. Updates occur automatically as service component of the Greenbone Security Manager (GSM) and the Greenbone Cloud Services (GCS). They form a permanent stream of small procedures that the scanner uses to check all the devices in your network for known and potential security problems – day after day.
Our Security Feed covers more than 84,000 vulnerability tests. Which are these? Just take a look.
- Content: thousands of Vulnerability Tests (VTs) as well as compliance rule sets
- Started: 2008
- Security: encrypted and signed
- Transfer: optimized synchronization
- Update: daily
- Access/support: Greenbone Subscription
- Globally networked development team: North America, Europe and Asia
- Multi-tier quality assurance process
- Multiple daily updates
- Encrypted transfer
- Test routines are digitally signed
- Vulnerability tests via remote network access
- Vulnerability tests via credentials
- Tests according to CVE alerts
- Tests according to Bugtraq alerts
- Aggregate compliance rulesets
- Controls for scan agents
- Embedded Nmap NSE test routines
- Coverage: MS Windows, GNU/Linux (Debian, Fedora, Mandriva, Redhat, SUSE, Ubuntu), Solaris, HP-UX, Cisco and various active networks components
Greenbone Community Feed and Greenbone Security Feed in Comparison
The Greenbone Community Feed (GCF) and the Greenbone Security Feed (GSF) differ in four main areas: content, scope, quality and availability.
| Features | GCF | GSF |
|---|---|---|
| Included VTs | Only basic VTs | All VTs |
| Quality Assurance (QA) | Variable | Consistent |
| Availability | No promise | Assured with SLA |
| Fixes/Improvements | No promise | Assured with SLA |
| Support | Via community on voluntary basis | Assured with SLA |
| Updates | Constant/daily, but without enterprise features | Constant/daily |
| Transfer | Unencrypted | Encrypted |
| VT Signatures | Transfer integrity | SLA for QA/fixes |
All Vulnerability Tests (VTs) developed by Greenbone Networks are included in the professional GSF, but not in the GCF.
| Group | GCF | GSF |
|---|---|---|
| Hot VTs | Yes | Yes |
| VTs for Home Products | Yes | Yes |
| German “IT-Grundschutz” | Yes | Yes |
| VTs for Enterprise Products | No | Yes |
| Compliance (e.g., PCI, ISO27001) | No | Yes |
| Operational Technology (ICS/SCADA) | No | Yes |
| Signed VTs | No | Yes |
How is the Greenbone Security Feed developed?
Security messages can have different sources: security communities, technology partners, customer feedback, our own Greenbone labs and many more.
Each security message automatically generates a ticket in our VT management system. The ticket is screened in the Greenbone labs and subjected to further investigation. After implementation and quality assurance, the ticket is released into the feed service.
We also subject VTs that our technology partners or security communities have already fully implemented to similar testing phases – because quality is our top priority.
