OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user front-end. The core component is a server with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications.
The above is much cut and paste from the OpenVAS website. I’m writing this blog post because I have talked to many security professionals that miss-like that Nessus went closed source, and dont know about the OpenVAS fork.
OpenVAS-Server is a forked development of Nessus 2.2. The fork happened because the major development (Nessus 3) changed to a proprietary license model and the development of Nessus 2.2.x is practically closed for third party contributors. OpenVAS continues as Free Software under the GNU General Public License with a transparent and open development style.
And that is what we like, right?