OpenVAS (Greenbone Vulnerability Management)
🛡️ Greenbone Vulnerability Management (GVM) is an open enterprise platform for IT infrastructure vulnerability analysis.
This image has been prepared by NiceSoft LLC specialists and optimized for use with the domestic operating system NiceOS.
🌍 Special build for the Russian market
- 🇷🇺 Fully localized interface (Russian language).
- 🔗 Integration with NiceOS system components.
- 📦 Easy deployment from Yandex Cloud Marketplace.
- 🛡 Support for operation in accordance with local standards.
🚀 Key features
- 🔍 Vulnerability analysis — automated scanning of servers, workstations, services, and applications for CVEs.
- 📊 Reports and analytics — risk prioritization, remediation recommendations, exportable reports (HTML/PDF).
- 🔄 Regularly updated knowledge bases — feeds NVT, SCAP, CERT, and Notus, with tens of thousands of security tests.
- ⚙️ Flexible configuration — custom policies, target management, scheduling, and user management.
- 🔗 Integration — API (GMP/OMP) for SOC, DevSecOps, and CI/CD pipelines.
- 🛡 Compliance and audit — verify systems against PCI DSS, HIPAA, GDPR, and other standards.
⭐ Advantages of the NiceSoft build
- ✅ Full Russian localization of the Greenbone Security Assistant (GSA) web interface.
- ✅ Preconfigured services and optimized directory structure.
- ✅ Automatic initialization on first VM startup.
- ✅ Convenient management via a unified systemd target:
gvm-stack.target.
✨ Greenbone Vulnerability Management (GVM) for NiceOS — a ready-to-use solution for the Russian market that combines global technology with localized convenience.
⚠️ Important: On the very first launch, the system will automatically initialize and start downloading vulnerability feeds (NVT, SCAP, CERT, Notus).
This may take 30–60 minutes depending on the VM size and network speed.
During this time, the web interface may display “Scanner is still starting” — this is expected.
1) Infrastructure Preparation
Minimum / Recommended requirements:
- vCPU: 2 / 4+
- RAM: 4 GB / 8–16 GB
- Disk: 40 GB / 80–150 GB (feeds and reports)
- Internet access (outgoing traffic) for feed synchronization
Access: prepare an SSH key pair for connecting to the VM.
Security group rules:
-
Inbound:
- TCP 22 → SSH (allow 0.0.0.0/0 temporarily, then restrict to your IP)
- TCP 9392 → GSA web interface (allow only trusted IPs)
-
Outbound:
- Allow all traffic (0.0.0.0/0)
2) Create a VM from Marketplace
-
Open Yandex Cloud → Marketplace, search for Greenbone Vulnerability Management, and select the image.
-
Select the network/subnet and attach the prepared security group.
-
In the Access section, specify:
- Username (for SSH login)
- Public SSH key
-
Create the VM and wait for startup.
3) First Connection & Basic Checks
Connect to the VM:
ssh <username>@<public_IP>
Switch to root:
sudo su
Check service status:
systemctl status gvm-stack.target
systemctl status redis-openvas ospd-openvas gvmd gsad --no-pager
Track feed loading:
journalctl -u ospd-openvas -b -f
Look for messages like “VTs loaded / ready”.
4) Get the Administrator Password
The admin password is generated automatically and stored here:
cat /var/lib/gvm/.admin-password
Copy it — you’ll need it for web login.
5) Access the Web Interface
Open in your browser:
http://<public_IP>:9392
Login credentials:
- Username:
admin - Password: (from
/var/lib/gvm/.admin-password)
While feeds are loading, the interface may show “Scanner is still starting”.
6) After Login: Basic Steps
-
Change the admin password:
sudo -u gvm gvmd --user=admin --new-password='NewStrongPassword' -
Restrict access to port 9392 in the security group (only trusted IPs).
-
Check scanner status:
sudo -u gvm gvmd --get-scanners journalctl -u ospd-openvas -b --no-pager | tail -n 200
7) Enable TLS (Recommended)
By default, the web runs in http-only mode. To enable HTTPS:
-
Place a certificate and key on the VM.
-
Edit gsad startup options (e.g.
/etc/sysconfig/gsad) to remove--http-onlyand add:--ssl-certificate=/path/to/cert.crt --ssl-private-key=/path/to/key.key -
Restart gsad:
systemctl daemon-reload systemctl restart gsad
8) Common Issues
-
“Scanner is still starting” → feeds are still loading, check logs with:
journalctl -u ospd-openvas -b -f -
Warnings about GPG/Notus → fix GnuPG directory permissions (0700), ensure the Community Feed key is imported and trusted, then restart
ospd-openvas. -
No web access → ensure port 9392 is open in the security group and gsad is running:
ss -ltnp | grep 9392 systemctl status gsad --no-pager
9) Resource & Storage Recommendations
- For active use: 16 GB RAM, 4–8 vCPU.
- Dedicated disk: 100 GB+ for feeds and reports.
- Regularly back up the database and reports.
10) Quick Command Reference
# Status of the full stack
systemctl status gvm-stack.target
# Status of individual services
systemctl status redis-openvas ospd-openvas gvmd gsad --no-pager
# Track VT feed loading
journalctl -u ospd-openvas -b -f
# Get admin password
cat /var/lib/gvm/.admin-password
# Change admin password
sudo -u gvm gvmd --user=admin --new-password='NewStrongPassword'
# Check scanner availability
sudo -u gvm gvmd --get-scanners
✅ After completing these steps, Greenbone Vulnerability Management will be fully operational on your VM.
- 🏢 Organizations — automated security audits of infrastructure.
- 🔐 Security and SOC teams — regular assessments, incident analysis, and threat hunting.
- 👨💻 IT administrators — identifying and fixing vulnerabilities before they can be exploited by attackers.
- 🛠 Integrators and DevSecOps teams — implementing secure development and operations processes.
Free Community Support via the official Telegram channel
- Official Telegram channel of the NICE.OS community.
- Direct interaction with developers and experienced users: environment setup, best practices, troubleshooting.
- A place to exchange knowledge, share real-world use cases, and influence the project roadmap.
Tip: when reaching out, please provide your image version, environment (cloud or bare-metal), and a short problem description to speed up support.
For support or a commercial offer, contact us at:
📧 soc@ncsgp.ru