The Greenbone Vulnerability Management (GVM) is a framework of several services. It is developed as part of the commercial product line Greenbone Security Manager. Here is an architecture overview for GVM-10:
The Greenbone Vulnerability Manager (gvmd) is the central service that consolidates plain vulnerability scanning into a full vulnerability management solution. GVMd controls the OpenVAS Scanner via an internal protocol and supports the generic Open Scanner Protocol (OSP) for other scanner integrations. The service itself offers the XML-based, stateless Greenbone Management Protocol (GMP). GVMd also controls a SQL database (SQLite by default, PostgreSQL for advanced purposes) where all configuration and scan result data is centrally stored. Furthermore, GVMd also handles user management including permissions control with groups and roles. And finally the service has an internal runtime system for scheduled tasks and other events.
The Greenbone Security Assistant (GSA) is the web interface of GVM. It connects to the GVMd to provide a full-featured user interface for vulnerability management. Greenbone Security Assistant consists of
- GSA - The web application written in React
- GSAD - The HTTP server talking to the GVMd via GMP
The main scanner OpenVAS Scanner is a full-featured scan engine that executes a continuously updated and extended feed of Network Vulnerability Tests (NVTs). There are two feed which are both daily updated, the full-featured extensive commercial Greenbone Security Feed (GSF) and the free available Community Feed:
Complementary to the web interface, GVM-Tools allows batch processing / scripting via GMP. This module is comprised of interactive and non-interactive clients. The programming language Python is supported directly for interactive scripting. But it is also possible to issue remote GMP/OSP commands without programming in Python. A script collection offers examples for typical uses cases.