GSF with OpenVAS? Or non-virtual enterprise edition?


I imagine this has been answered before, but I can’t seem to pin down an authoritative answer.

We’ve built a system which runs OpenVAS as part of a collection of other tools integrated together with custom code. We’d like to benefit from the “enterprisey” plugins that sets the GSF over the GCF (such as tests for SCADA, etc.), but we’d like to keep the scanner integrated with our other home-built automation software that manages scans and interprets/collates the results according to our needs.

We’re looking for anything along these lines:

  1. Ideally, a way to pay for a subscription to GSF and use it from within OpenVAS
  2. A way to run the full paid Greenbone scanner with GSF, but on our own hardware in our own OS/environment rather than as a virtual machine
  3. As a last resort: a way to run the paid Greenbone scanner with GSF as a VM, but still control it headlessly via some sort of API (as opposed to having to go through Greenbone’s GUI - which is great but requires user interaction, which is not suitable for our purposes).
  4. Anything I haven’t thought of?

Are any of these things possible? Thanks in advance for the guidance.

GSF cost and arrangement

Please have a look here and follow the PDF linked there:

There is no way to buy a GSF for a homemade GVM setup.
It can be purchased only in combination with a Greenbone-approved/maintained environment,
namely Greenbone OS.

There are commercial virtual appliances offered by Greenbone that do offer the GMP API.
Currently there is GSM ONE, and soon two further virtual products are going to be launched,
one positioned below GSM ONE, and the other positioned above GSM ONE. You can operate all of them headless.
See here for an overview:

GSF cost and arrangement