Solution Categories
Community Directory
Compare solutions
Benchmark my program
OpenVAS
OpenVAS is a tool for identifying security vulnerabilities in networked systems. It includes a regularly updated feed of Network Vulnerability Tests (NVTs) to detect potential security issues.
Why these ratings?
Cyberse perspective
Summary by Cyberse
Microsoft Sentinel may be considered a good fit for you due to its powerful capabilities.
Hereโs a few tips on how to maximize its capabilities:
We use the following criteria to rate this productโs functionality:
Cost considerations
OpenVAS is open-source, so there are no license fees and users can run unlimited scans, paying only for an optional commercial feed or support. Competing vulnerability scanners usually bill per asset or per scan, so overall spend rises faster as environments grow. The low entry cost and predictable optional fees give most security teams a favorable cost-to-value balance.
Functionality
OpenVAS performs scheduled credentialed scans and scores findings with CVSS, giving a clear snapshot of on-premise vulnerabilities. Native coverage for cloud or container assets is limited and there is no built-in ticketing or risk-based prioritization, so remediation tracking relies on external tools.
Compatibility
OpenVAS is a network-centric scanner with no agents and no out-of-the-box hooks for AWS, Azure, or common SIEMs. Teams usually rely on CSV/XML exports or custom API scripts to push findings into CMDB or ticketing tools. This extra work puts its integration reach below that of full-feature commercial suites.
User experience
The web console is serviceable but dated, so new users need some orientation to locate key risk views. Generating clear reports often requires exporting and tweaking data outside the console. Navigation is slower than in most commercial scanners, yet routine tasks become manageable after modest training.
Customer support
OpenVAS mainly offers community forums and volunteer help with no guaranteed response times, and formal assistance is only available through a separate Greenbone subscription, so business users get limited official guidance even though the free vulnerability feed is updated daily.