We used OpenVAS in our labs this week. OpenVAS and Nessus are both vulnerability management tools that are commonly used today.  I intend to do a brief and high-level examination and comparison of the two tools.

Nessus was developed by Tenable Network Security.  OpenVAS was developed as a project fork of the open source version of Nessus.

It’s important to note that OpenVAS is free/open source and Nessus is not (Nessus is free of charge for personal use in a non-enterprise environment).  Depending on your company’s budget priorities, Nessus may not be an option.  I think that first and foremost, you need to be able to use the tool to take advantage of its benefits, so for me, point #1 goes to OpenVAS for easy accessibility to everyone.  OpenVAS comes with Kali Linux, so that is convenient for those using Kali already.  With this in mind, I believe it’s reasonable to expect more from a tool you pay for.  I’ve heard mention that Nessus has a more “professional feel” to it, and that makes sense because it is a professional tool.

This article goes over the importance of each tool’s knowledge base and compares them, concluding that each has its own strengths and weaknesses and that no vulnerability scanner is going to catch everything.

This article talks about the different scan results when comparing the tools.  The author’s major conclusion is that there is a wide variation in results from the different scanners.

My conclusion is that it’s really a matter of opinion (or accessibility), or even which services your system utilizes.  I originally wanted to compare them against each other, but after some research, I’ve concluded that each scan will yield different results revealing different attack vectors, so it would be prudent to use both/more than one if that is an option.

Check out the tools here:

OpenVAS

Nessus
