Security Feed
The Daily Vulnerability Update
Our Greenbone Security Feed always provides you with the latest vulnerability information. With the vulnerability tests, the scanner checks all devices in your network for known and potential security issues. As a component of the Greenbone Security Manager (GSM) and the Greenbone Cloud Services (GCS), it is updated daily.
Our Security Feed covers more than 100,000 vulnerability tests. Which are these? Just take a look.
- Includes over 100,000 vulnerability tests (VTs)
- Continuous development of tests for newly discovered vulnerabilities based on CVEs (Common Vulnerabilities and Exposures)
- Daily feed updates by integrating the latest vulnerability tests
- Every Greenbone product, no matter if GPE or GCS, automatically includes the Security Feed (except GCE)
- Multi-stage quality assurance process for each vulnerability test we develop
- All test routines are digitally signed
- Distribution of data objects via the feed
Greenbone Community Feed and Greenbone Security Feed in Comparison
The Greenbone Community Feed (GCF) and the Greenbone Security Feed (GSF) differ in four main areas: content, scope, quality and availability.
| Features | GCF | GSF |
|---|---|---|
| Included VTs | Only basic VTs | All VTs |
| Quality Assurance (QA) | Variable | Consistent |
| Availability | No promise | Assured with SLA |
| Fixes/Improvements | No promise | Assured with SLA |
| Support | Via community on voluntary basis | Assured with SLA |
| Updates | Constant/daily, but without enterprise features | Constant/daily |
| Transfer | Unencrypted | Encrypted |
| VT Signatures | Transfer integrity | SLA for QA/fixes |
All Vulnerability Tests (VTs) developed by Greenbone Networks are included in the professional GSF, but not in the GCF.
| Group | GCF | GSF |
|---|---|---|
| Hot VTs | Yes | Yes |
| VTs for Home Products | Yes | Yes |
| German “IT-Grundschutz” | Yes | Yes |
| VTs for Enterprise Products | No | Yes |
| Compliance (e.g., PCI, ISO27001) | No | Yes |
| Operational Technology (ICS/SCADA) | No | Yes |
| Signed VTs | No | Yes |
How is the Greenbone Security Feed developed?
Security messages can have different sources: security communities, technology partners, customer feedback, our own Greenbone labs and many more.
Each security message automatically generates a ticket in our VT management system. The ticket is screened in the Greenbone labs and subjected to further investigation. After implementation and quality assurance, the ticket is released into the feed service.
We also subject VTs that our technology partners or security communities have already fully implemented to similar testing phases – because quality is our top priority.
