Clarification of Discovery Scans

If we schedule discovery scans for our networks, does the found hosts/ports from these scans get stored so that we can then kick off other vulnerability scans later that do not need to contain the discovery VTs?

We are hoping that we can have frequent discovery scans (like nightly or every other night) that then get used for manual, and automated weekly and monthly scans. Since the monthly scans are more complete they take longer to run and we were hoping to move the discovery process out of those scans as that seems to be a lot of the initial scan times.

1 Like

You can use the asset-management and add the found hosts to the asset database. Later you can select Assets via Filter (OS, Hostname, …) and build scan-targets from this asset database. You should not store the ports, on many systems this might by highly dynamic and very advisable to scan every time for new open ports.

I guessing that the targets would need to be checked to add/remove assets found by the discovery scans manually prior to use though, right?

You can build a power-filter term and all that matches can be a new target for scanning.

Please note everything you can do via web interlace can easy be scripted and automated.

I’m new to OpenVAS and haven’t delved into any scripting yet. I see there is documentation for a CLI interface, is there a more direct way to do scripting such as python libraries?

Please use GVM OpenVAS is obsolete, the GMP API is available here: https://docs.greenbone.net/#api_documentation

You can find different binding on Github.