Hello, the OpenVAS developers are proud to announce that the test phase for the upcoming OpenVAS-5 started and the first releases have become available.
OpenVAS-5 is yet another major evolution step of the Open Vulnerability Assessment System. Advances range from integration of CVE and CPE databse, an Asset Management over vulnerability prognosis, a improved user interface and not at least improved scanning and detection capabilities. The OpenVAS-5-based Greenbone Security Manager recently passed the SCAP validation of US agency NIST for category Unauthenticated Scanner. All required criteria were added to OpenVAS-5. A few features are still in the works and will be added over the next couple of weeks during the Beta phase. Together with improvements based on user feedback. It is planned to close beta phase in february, entering the release candidate phase. The aim is to release OpenVAS-5 in march, exactly one year after the release of OpenVAS-4. Major new features: * The web interface has been comprehensively updated, reflecting various of the following features. The navigation box is turned into a menu bar. * Introduced references section for results * Improved default reports * Support for listing NVTs addressing a certain CVE * Support for override lifetimes * Support for note lifetimes * Support for asset management * Support for integrated SCAP data * Support for prognostic scans * Support for large database files on 32-bit platforms * Support for task observers * Support for individual time zones for users * The max_host and max_checks scan performance parameters have been moved from scan configs to tasks * Support for delta reports * Trashcan: It is now possible to place objects in a trashcan instead of deleting them directly. * Support for container task (imported reports) * Support for specifying an SSH port for Local Security Checks * Support for escalating result to a Sourcefire Defense Center * Support for using an SSH key pair for SSH authentication * OpenVAS Management Protocol (OMP): New version 3.0 reflects new functionality of OpenVAS Manager and has all timestamps converted to cover timezone. * New user role "observer" for read-only access * Improved network scanning via nmap * Improved support for ssh scanning Apart from this, comprehensive internal cleanups and improvements of the build environment happened. Compatibility: * OpenVAS Scanner remains compatible with the previous release, so the latest release of the old OpenVAS-Client still works. * The OpenVAS NVT Feed will be extended with tests that take advantage of the network scan feature but fully keeps the behaviour for previous releases. * The OpenVAS Manager has a migration option for updating a OpenVAS Manager 1.0 / 2.0 SQL database to 3.0. But there is no support to downgrade the database back to 1.0 / 2.0. Availability: If you like to try out the beta version of the upcoming OpenVAS-5 release, you should install it separately from your stable release. The OpenVAS team very much appreciates reports on any experiences with this BETA series of OpenVAS-5. Please report on the OpenVAS mailing lists. All download links can be found on the OpenVAS homepage: http://www.openvas.org A number of binary installation packages has shown up already and we are very thankful for the great work of the package maintainers. Best regards Jan-Oliver Wagner -- Dr. Jan-Oliver Wagner | ++49-541-335084-0 | http://www.greenbone.net/ Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 202460 Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner _______________________________________________ Openvas-announce mailing list Openvas-announce@wald.intevation.org http://lists.wald.intevation.org/mailman/listinfo/openvas-announce
