OpenVAS query

14 views
Skip to first unread message

ri...@copperpodip.com

unread,
Mar 6, 2019, 4:45:32 AM3/6/19
to VGLUG
I am new to OpenVAS, Please anyone answer some of my doubts regarding the OpenVAS tool.

doubt 1: can OpenVAS tool be used for vulnerability/security check of open source software code files.

doubt 2: is there any other tool to check the vulnerability check of open source software source code files.

please reply thanks in advance.

Kaushal Patel

unread,
Mar 6, 2019, 5:19:58 AM3/6/19
to vg...@googlegroups.com
1. openvas is a vulnerability scanner for a system like Nessus. this utility will check open ports and service running on it. it also checks the version and does some request to find out vulnerabilities. it will not be going to check the source code for open or closed source applications. 

2. For source code you can try blacduck.  (https://www.blackducksoftware.com/)

-kaushal

--
Please read http://www.catb.org/~esr/faqs/smart-questions.html before posting.
You received this message because you are subscribed to the "Vibrant GNU/Linux User Group".
To stop receiving emails from this group, mail to VGLUG+un...@googlegroups.com
To post to this group, send email to VG...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/VGLUG

---
You received this message because you are subscribed to the Google Groups "VGLUG" group.
To unsubscribe from this group and stop receiving emails from it, send an email to vglug+un...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


--
Regards,
Kaushal Patel

Rinku Yadav

unread,
Mar 6, 2019, 11:16:12 AM3/6/19
to vg...@googlegroups.com
Thanks Kaushal for your help.


The information contained in this transmission may contain privileged and confidential information. It is intended only for the use of the person(s) named above. If you are not the intended recipient, you are hereby notified that any review, dissemination, distribution or duplication of this communication is strictly prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. 

Nilesh Vaghela

unread,
Mar 6, 2019, 10:45:38 PM3/6/19
to vglug
Just to add one more point.

Any standard software CVE is available.

But it is not available for all application / software / platform / os etc.



Hope might help.
ElectroMech Corporation
AWS Advance Consulting Partner
RedHat Training and Sales Partner
302, New York Plaza, Opp. Chief Justice Bunglow,
Bodakdev, Ahmedabad - 380054 

Rinku Yadav

unread,
Mar 6, 2019, 11:43:43 PM3/6/19
to vg...@googlegroups.com
Thanks Nilesh for the information.
Reply all
Reply to author
Forward
0 new messages