OpenVAS (Open Vulnerability Assessment Scanner)

OpenVAS is a comprehensive network vulnerability scanner. It probes hosts and services across your network to identify security weaknesses using an extensive feed of network and application tests.

What it does

OpenVAS detects CVEs, misconfigurations, and outdated software across network services. It is designed for deep infrastructure assessment rather than crawling a single web URL as a browser would.

Target types

Use IP addresses, hostnames, and CIDR ranges. Do not enter web URLs that include http:// or https:// - OpenVAS expects network targets, not full site URLs.

Target format

Strip schemes and paths. Use hosts or subnets the scanner can reach on the network.

When to use this scanner

OpenVAS is ideal for SOC 2 compliance scanning, infrastructure vulnerability assessment, and ongoing visibility into servers and services. It fits teams that need broad coverage of CVEs and misconfigurations on networked systems.

Internal network scanning (Pro plan) lets you assess private networks. It requires an Ubuntu VM with 8 GB+ RAM and Docker to run the scanner appliance. Scan duration varies from minutes to hours depending on how many hosts and ports are in scope.

Internal scanning

Pro plan internal scans need the supported VM setup. Allow enough time for large subnets - OpenVAS runs many checks per host.

Target format

Examples of valid targets:

192.0.2.10
db.internal.example.com
198.51.100.0/24

Examples of invalid targets for OpenVAS:

https://app.example.com/
http://192.0.2.10/
https://example.com/login
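A pre-submission check for the target rules above, as an added example that is not part of the original page or the product's own code. The function names `classify_target` and `triage`, the hostname syntax check, and the choice to normalise CIDR host bits instead of rejecting them are assumptions.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Hostname label: letters, digits, hyphens; no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def classify_target(raw):
    """Return (kind, normalised_value) or raise ValueError with a reason."""
    target = raw.strip()
    if not target:
        raise ValueError("empty target")
    if "://" in target:
        host = urlsplit(target).hostname or "the bare host"
        raise ValueError(f"URL with scheme; enter {host} instead")
    if "/" in target:
        # The only slash allowed is the one before a CIDR prefix length.
        try:
            # Assumption: host bits are normalised rather than rejected.
            net = ipaddress.ip_network(target, strict=False)
        except ValueError:
            raise ValueError("contains a path or malformed CIDR") from None
        return ("cidr", str(net))
    try:
        return ("ip", str(ipaddress.ip_address(target)))
    except ValueError:
        pass
    labels = target.rstrip(".").split(".")
    # An all-numeric last label means a malformed IP, not a hostname.
    if (len(target) <= 253 and not labels[-1].isdigit()
            and all(_LABEL.fullmatch(label) for label in labels)):
        return ("hostname", ".".join(labels).lower())
    raise ValueError("not an IP address, CIDR range, or hostname")


def triage(targets):
    """Split a target list into accepted entries and rejected ones."""
    accepted, rejected = [], []
    for raw in targets:
        try:
            accepted.append(classify_target(raw))
        except ValueError as err:
            rejected.append((raw, str(err)))
    return accepted, rejected


# The valid and invalid examples listed on this page.
PAGE_EXAMPLES = ["192.0.2.10", "db.internal.example.com", "198.51.100.0/24",
                 "https://app.example.com/", "http://192.0.2.10/",
                 "https://example.com/login"]
```

Calling `triage(PAGE_EXAMPLES)` accepts the first three entries and rejects the three URLs, with each rejection message naming the bare host to enter instead.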

How to run a scan

Open the New Scan page from your dashboard. Select OpenVAS as the scan type, enter one or more targets in the correct format (see above), give the scan a name, set an optional schedule if you want recurring runs, then submit the form to queue the scan. For more detail on options and schedules, see Running Scans.