VMOpen source · GPL-2.0
OpenVAS (Greenbone Community Edition)
By Greenbone
The standard open-source vulnerability scanner, forked from the last free Nessus release in 2005 and developed since by Germany's Greenbone. The GPL-licensed scanner ships in the free Greenbone Community Edition with a community vulnerability-test feed; Greenbone's paid appliances and Enterprise Feed add coverage, support, and management at scale.
Verified Source: 1
- Product type
- Software
- Deployment
- On-prem
- Organization size
- IndividualSMBMid-market
- Pricing tier
- Free
Capability checklist
VMHow OpenVAS (Greenbone Community Edition) measures up against the full Vulnerability Management taxonomy.
- Asset discovery & scanning — supported
- Finds and scans devices, servers, and applications across the environment.
- Risk-based prioritization — not supported
- Ranks vulnerabilities by real-world exploitability and business impact, not just severity score.
- Remediation & patch tracking — not supported
- Tracks whether identified vulnerabilities actually get fixed over time.
- Authenticated & unauthenticated scanning — supported
- Scans with or without credentials to see deeper into configured systems.
- Compliance & benchmark reporting — not supported
- Reports posture against standards like CIS benchmarks and PCI DSS.
- Ticketing & CMDB integration — not supported
- Syncs findings and asset data with IT service management systems.
Alternatives
Other Vulnerability Management tools with overlapping capabilities, sized for similar teams.
Appears in stacks
Real-world stacks that include OpenVAS (Greenbone Community Edition).