Hello. Should OpenVAS be used for the IP addresses in the production environment? Will there be any data modification in the production environment? Are there any methods to avoid high loads during vulnerability checks? Web application diagnostics involve data alteration, so we typically conduct vulnerability assessments in test environments. However, which one is recommended for platform diagnostics?
Hi Zono, welcome to the community forum.
This is a question you must answer for yourself and your own organization. It cannot be fairly answered by someone providing support in the forum. However, no doubt that Greenbone is used by organizations to scan production network and host attack surface. As with any vulnerability scanner, it is not completely without the possibility to cause unintended consequences to production environments.
Obviously before you do that, you should do some due diligence. This should include reading the complete documentation, and any other relevant component level documentation.
As for your other questions, there are somethings you can do to reduce the risks of these problems:
- Allow only “safe_checks”. This is the default setting for Full and Fast. Documentation reference here.
- Adjust the concurrent hosts, concurrent VT checks to reduce the amount scanning happening at a given time
- Consider scheduling the scans during network downtime or chaining them using alerts.
- Of cource, if you can replace production environments with test environments then it will be less risky and in most cases provide the same vulnerability insight.
- Also, the CVE Scan config can be used after a Full and Fast scan to reduce the burden on networks by simply matching newly released CVEs to the assets discovered in a previous Full and Fast or System discovery scan.
All of these topics have been discussed in the forum in various places and you can find those discussions useful with a manual search.
4 Likes
There is also a quite extensive “Read before use” chapter available in the previous linked documentation:
https://docs.greenbone.net/GSM-Manual/gos-22.04/en/read-before-use.html
3 Likes