I have some questions related to the community edition:
- Is the community feed still delayed by 14 days?
- Does the community feed contain fewer NVTs than the security feed?
- Is the scope of the GCE scans equal to (same configured) scans performed by GSM?
Please take a look at the following document which should give you a good overview about the differences between GCE and a GSM.
As the Greenbone Community Edition (GCE) is using the Greenbone Community Feed (GCF) the following recently published About Greenbone Community Feed (GCF) article should answer most questions as well. It doesn’t mention that the 14 days delay was dropped though.
The following is mentioned: “GCF and GSF share the same base set of NVTs and both are daily updated.”
So, the 14 days delay was dropped?
Yes, the 14d delay was dropped quite some time ago.
“Generally, all Enterprise-grade products” are not included in the community feed. Which products are these enterprise-grade products in detail?
There is no ultimate list. The general rule is that it is about products you don’t typically find in a SOHO environment. The above attached PDF file lists some examples.
How can I determine, if a specific product is included?
The best way may be just asking here.
Apart from that, the CPE content of the security feed can be checked out at Greenbone’s online GSM at https://secinfo.greenbone.net/ (click login as guest)
Search under SecInfo > CPE
Then set up a free GSM CE and compare and see if you find the CPE there as well.
At least that’s the best way I can think of right now.
So let me ask especially about the following products:
MySQL Server, PostgreSQL Server, Oracle JRE, OpenJDK, Apache Tomcat, Apache HTTP Server
You can search for products in your own GVM/GCE installation on the Web Interface via the SecInfo -> NVTs menu at the top. This section includes all local existing VTs in your installation and can be used to compare the content of the GCF against the content of the GSF available at:
Put the product you’re looking for into the input box there, e.g.:
"Tomcat" and created>2017-09-04 and created<2020-01-01
nb: 2017-09-04 is the date when the dropping of enterprise grade VTs was announced.
Afterwards sort by the “created” column and you can see that Apache Tomcat is covered in the GCF as well.
I did a quick comparison of the CPE output on the secinfo site and a CE Web interface
All products you mentioned have CVEs and VTs on the Community Feed as well.
If there are minor differences in the VTs present, I wasn’t able to find them in a hurry.
The GCE installation wizard mentioned: “[…] Either you can skip this step and continue with the Community Feed. This feed is not as current and not as complete as the Greenbone Security Feed. […]”
Is the Community Feed current or not?
The Community Feed is current, the text is not, sorry.
But thanks for the heads up, I’ll see if I can get it changed.