See Threats. Act Fast. Stay Ahead.
OPENVAS Products
Gain clarity about your IT security posture. OPENVAS delivers precise vulnerability scanning, centralized risk analysis, and GDPR-compliant security intelligence for lasting protection and trust.
The right OPENVAS solution for every requirement
With the OPENVAS products, you gain complete clarity. Our technology scans your entire IT landscape for potential vulnerabilities, assesses threats in real time and provides precise and actionable recommendations.
The result is intelligent risk management that not only reacts to threats but stays ahead of them. Greenbone delivers proactive security that thinks ahead, dynamic, scalable and seamlessly integrable into any IT infrastructure, from medium sized businesses to large corporations.
OPENVAS BASIC
Our Entry-Level Product for Small Companies or Individual Users
Entry into professional vulnerability management for small businesses and individual users. Want to achieve more security with a cost-effective solution? OPENVAS BASIC delivers exactly that: install, scan, and act with purpose.
Entry-level product for small companies
Easy to use
100% GDPR-compliant
OPENVAS SCAN
Security for Companies and Public Institutions
Advanced IT risk analysis and seamless compliance through tailored, integrated solutions. Leverage one of the market’s leading vulnerability detection coverages for comprehensive protection. Available as hardware or virtual appliances for flexible deployment.
More than 200,000+ vulnerability tests
Best detection rate on the market
For companies of all sizes
OPENVAS SECURITY INTELLIGENCE (coming soon)
Central Platform for Distributed Vulnerability Management
Central management and intelligence layer for distributed vulnerability scanning with multiple OPENVAS SCAN systems. It consolidates results, enables centralized administration, and enriches findings with CSAF advisories and SBOM data.
Consolidated Reporting
CSAF & SBOM Integration
REST API Integration
UPCOMING SOLUTION
OPENVAS AI
Vulnerability remediation with artificial intelligence. OPENVAS AI transforms scan results into prioritized action plans, running fully on-premises with no data leaving your network.
On-premises LLM: Data never leaves your network
Risk-based action plans with CVE context
Audit-proof, traceable remediation steps
Trust the Expert for Innovative Vulnerability Management!
Greenbone offers you the world’s largest vulnerability coverage.
Our solutions are based on over 15 years of research and development.
We deliver the world’s most widely used open source vulnerability management solution.
Over 15 years of partnership with the BSI are proof of our commitment to the highest security standards.
Our Services: Personal, Professional and Here for You
Behind each of our services is not a bot, but a real person with specialist knowledge, experience and the ambition to really help you move forward. Whether in webinars, individual partner training or technical support: we listen, think and act in a solution-oriented manner. For Greenbone, service is not just an add-on, but a promise. Because real security is created when technology and people work hand in hand.
Webinars
Our webinars inform you about the latest security trends, uncover the latest vulnerabilities with you and keep you informed about updates to the solutions.
Support
Individual support in German and English, with the full manufacturer’s warranty for hardware, daily vulnerability tests and regular software upgrades.
Partner
Exclusively for our partners, we offer special conditions, technical support and customized training, so that you can understand, promote and implement our solutions with confidence.
FAQ
Who is Greenbone?
Greenbone was founded in 2008 by leading experts in the fields of network security and Free Software. Our goal is to develop products and concepts that help you to avoid attacks on your network infrastructure.
How? By detecting vulnerabilities faster than the attackers. We attach particular importance to a transparent White Box. Our turnkey solution is suitable for small and medium-sized companies as well as for operation in a critical Fortune-500 IT environment.
What is our approach?
We rely on a holistic approach. Our goal is to minimize and manage risks resulting from vulnerabilities in systems. Greenbone is the first provider to offer a 100 % Open Source vulnerability management solution. With this White Box solution you can avoid risks resulting from the use of a proprietary vulnerability analysis system in critical IT infrastructures.
Greenbone is engaged in the global and multi-cultural open-source communities in a cooperative manner. We act according to the concept of take and give and joint development processes in Free Software.
How do our products work?
OPENVAS SCAN Appliances are available as hardware OR virtual form. They consist of the OPENVAS SCAN, a scan service, the web interface and, in the case of the hardware appliances, a special hardware.
The OPENVAS SCAN Appliances use the OPENVAS ENTERPRISE FEED – our base technology. It is a collection of vulnerability tests (VTs) to detect known and potential security vulnerabilities in all active elements of your IT infrastructure: desktop PCs, servers, appliances, and intelligent components such as routers or VoIP devices.
Are there alternative solutions?
Unlike other security solutions, vulnerability management allows you to view your IT infrastructure from the outside – from the perspective of a potential attacker. The aim is to find any existing vulnerabilities in your IT infrastructure. And that’s not all: our solution shows ways and processes to eliminate them. There is no other solution that can take over these functions completely.
How to buy our products?
Here you can reach the contact form for product requests.
What are the differences between the OPENVAS ENTERPRISE FEED and the OPENVAS COMMUNITY FEED?
Central differences between the paid subscription of the OPENVAS ENTERPRISE FEED and the free OPENVAS COMMUNITY FEED can be found here.
What are the differences between the OPENVAS SCAN Appliance and an own OPENVAS COMMUNITY EDITION installation?
The central differences between the OPENVAS SCAN Appliance (in combination with the OPENVAS ENTERPRISE FEED) and a self-configured OPENVAS COMMUNITY EDITION installation can be found here.
Is there a way to test the vulnerability scanning?
Our enterprise-grade vulnerability management for small businesses, OPENVAS BASIC, is available for a free 14-day trial.
Are the Greenbone solutions in conflict with German law known as "hacker paragraph" 202c StGB?
The short answer is: No.
For a detailed answer referencing German law, please see the German version of this FAQ entry.
Is the usage of a Greenbone Security Manager compatible with the GDPR?
Our system only scans the environment defined by the operator of the physical or virtual appliance for possible vulnerabilities. The customer defines the target and thus the infrastructure to be scanned. Only company networks and no personal data (detailed definition in our privacy policy) are checked. The resulting data remains exclusively with the operator of the appliance. No data is passed on to the manufacturer or any third party.
In addition, the environment defined by the operator can be checked for compliance guidelines using pre-configured scan configurations to ensure that all components integrated in the system meet the required specifications.
What is the difference between Vulnerability Management and Vulnerability Assessment, penetration testing or IDS/IPS or firewall solutions?
A crucial difference to antivirus systems, IDS/IPS installations and firewall solutions lies in the perspective.
The systems mentioned concentrate on the attack patterns – with the view from the inside out. In contrast, Vulnerability Management looks at the IT infrastructure from the outside to the inside – similar to the perspective of an attacker.
Penetration testing takes the same perspective. But here too, there is a significant difference: it is a concrete task to penetrate a corporate network and take control. Once this goal has been achieved, the penetration test ends and other vulnerabilities remain unnoticed. Vulnerability Management, on the other hand, is designed to find every single vulnerability.
While Vulnerability Assessment is a one-time inventory of the security situation of an IT infrastructure, Vulnerability Management improves the security level with a complete process.
Why does Vulnerability Management increase the level of security?
Vulnerability Management drastically reduces the attack surface of a company’s IT. Furthermore, Vulnerability Management allows other IT security solutions in use (IDS/IPS and firewall) to focus on the actual hot spots: the solutions receive information about the most critical vulnerabilities. This takes place within a process that prioritizes vulnerabilities based on accepted standards (SCAP) and company-specific factors and removes or mitigates them – in line with critical business processes. Ideally, this process is part of a comprehensive IT security framework.
How compatible is Vulnerability Management with IDS/IPS and other IT security products?
Vulnerability Management is an essential element of an IT security infrastructure and complements the other components.
IDS/IPS solutions – network-based, host-based or designed as Network Behaviour Analysis (NBA) – have to be set up and adjusted during setup and during ongoing operation. For an NBA it is necessary to establish a baseline (e.g., limits for port scans and login attempts, blacklists and whitelists of IP addresses and user names as well as settings for alarms).
By importing the results of vulnerability scans, you can significantly supplement and improve this tuning: the information can be used to focus the resources of an IDS/IPS and thus make better and faster decisions on the necessary action and alerting. False-positive messages are reduced.
Attacks on an IDS/IPS such as overloading the capacity or ‘blinding’ are so-called evasion techniques. Together with the difficulty of an IDS/IPS to detect slow, targeted attacks, they push these IT security solutions to their limits. Vulnerability Management offers the necessary complement, as it can significantly reduce the attack surface.
