gvmd
Management daemon shipped with GVM 10 and later. Abbreviation for
**G**reenbone **V**ulnerability **M**anagement **D**aemon.
openvassd
Scanner daemon used by GVM 10 and before. It listens for incoming
connections and starts scan processes to run the actual vulnerability tests.
It collects the results and reports them to the management daemon. With the
GVM 11 release, it has been converted to the {term}`openvas` application by
removing the daemon and replacing the communication protocol.
Abbreviation for **OpenVAS** **S**canner **D**aemon.
openvas
Scanner application executable to run vulnerability tests against targets
and to store scan results into a Redis database. Used in
GVM 11 and later. It has originated from the {term}`openvassd`.
openvasd
A new service introduced with the OpenVAS Scanner release 23.0 to execute nasl scripts and provide static version comparisons.
It has a http based [API](https://greenbone.github.io/scanner-api/) to control scans and get results.
The adaptation will be done in various downwards compatible ways. As of 23.0.1 `openvas` is using the `/notus` endpoint for version checks, additionally `OpenVASD` is setting up redis and controls `openvas` for scanning.
In the next phases it will gradually take over `openvas` functionality with the end goal of replacing `ospd-openvas` and `openvas` completely.
OSPd
A [framework](https://github.com/greenbone/ospd) for several scanner
daemons speaking the {term}`Open Scanner Protocol (OSP) <OSP>`.
ospd-openvas
A {term}`OSP <OSP>` scanner daemon managing the {term}`openvas <openvas>`
executable for reporting scan results to the management daemon {term}`gvmd`.
Used in GVM 11 and later.
gsad
A web server providing the {term}`Greenbone Security Assistant <GSA>` web
application.
GSA
The Greenbone Security Assistant (GSA) web application to control scans and
access vulnerability information via a web interface in a browser.
GOS
Greenbone Operating System, the operating system of the
{term}`Greenbone Enterprise` Appliance. It provides the commercial version
of the {term}`Greenbone Community Edition` with enterprise support and
features.
GSM
Greenbone Security Manager (GSM) is the former name of our commercial
product line {term}`Greenbone Enterprise` as hardware or virtual appliances.
GMP
The Greenbone Management Protocol (GMP) is an XML-based communication
protocol provided by {term}`gvmd`. It provides an API to create, read, update
and delete scans and vulnerability information.
OSP
The Open Scanner Protocol is an XML-based communication protocol provided by
{term}`ospd-openvas`. It provides an API to start scans, get {term}`VT`
information and to receive scan results.
GVM
The {term}`Greenbone Community Edition` consists of several services. This
software framework has been named Greenbone Vulnerability Management (GVM)
in the past.
Greenbone Community Edition
The Greenbone Community Edition covers the actual releases of the Greenbone
application framework for vulnerability scanning and vulnerability
management provided as open-source software to the community. The Greenbone
Community Edition is adopted by external third parties, e.g., if the
software framework is provided by a Linux distribution, it is build from the
Greenbone Community Edition. It is developed as part of the commercial
{term}`Greenbone Enterprise` product line. Sometimes referred to as the
OpenVAS framework.
Greenbone Community Containers
Container images that are pre-built on [GitHub](https://github.com/greenbone)
and available via [dockerhub](https://hub.docker.com/u/greenbone). These
images can be used to run the newest versions of the {term}`Greenbone Community Edition`
without having to care about the operating system, compiler and build
tool chains.
Greenbone Enterprise
Greenbone Enterprise is the [Greenbone product line for on-premises solutions](https://www.greenbone.net/en/product-comparison/).
Included are virtual or hardware Greenbone Enterprise Appliances with the
{term}`Greenbone Operating System (GOS)<GOS>`,
the {term}`Greenbone Vulnerability Management (GVM) framework <GVM>`, and
the {term}`Greenbone Enterprise Feed`.
Greenbone Community Feed
The [Greenbone Community Feed](https://www.greenbone.net/en/feed-comparison/)
is the freely available feed for vulnerability information licensed as open-source.
It contains basic scan configurations, report formats, port lists and the
most important vulnerability tests. The provided data is updated on a daily
basis with no warranty or promises for fixes or completeness.
Greenbone Enterprise Feed
The [Greenbone Enterprise Feed](https://www.greenbone.net/en/feed-comparison/)
is the commercial feed provided by Greenbone containing additional
enterprise features like vulnerability tests for enterprise products, policy
and compliance checks, extensive reports formats and special scan configurations.
The feed comes with a service-level agreement ensuring support, quality
assurance and availability.
VT
Vulnerability Tests (VTs), also known as Network Vulnerability Tests
(NVTs), are scripts written in the {term}`NASL` programming language to detect
vulnerabilities at remote hosts.
SCAP
Abbreviation for [Security Content Automation Protocol](https://csrc.nist.gov/projects/security-content-automation-protocol/).
It is used for providing {term}`CPE` and {term}`CVE` data via the Greenbone
Enterprise and Community Feeds.
CPE
Abbreviation for [Common Platform Enumeration](https://csrc.nist.gov/Projects/Security-Content-Automation-Protocol/Specifications/cpe).
Common Platform Enumeration (CPE) is a standardized method of describing and
identifying classes of applications, operating systems, and hardware devices
present among an enterprise's computing assets.
CVE
Abbreviation for [Common Vulnerabilities and Exposures](https://www.cve.org/).
It provides unique, common identifiers for publicly known information-security
vulnerabilities in publicly released software packages.
notus-scanner
A scanner to improve the so-called local security checks. Local security
checks are comparisons of vulnerable and installed versions of a software.
Before notus-scanner, all checks have been implemented in {term}`NASL` scripts
and each {term}`NASL` script ran in an own openvas-scanner process.
With notus-scanner, checks are run in one go per host. With the
OpenVAS Scanner release 23.0 it got replaced by {term}`openvasd`.
Feed
The feed is a set of different files continuously delivered via
{command}`rsync` and updated on a daily basis. It contains {term}`CPE`,
{term}`CVE`, {term}`VT`, CERT, Port List, Report Format and Scan Config
information. The feed is available in a {term}`Commercial<Greenbone Enterprise Feed>`
and {term}`Community<Greenbone Community Feed>` edition.
NASL
The NASL Attack Scripting Language (NASL) is a language which is part of the
OpenVAS Project and interpreted by the NASL interpreter. It is a simple
language with focus on detecting vulnerabilities on network devices. Therefore
it provides many built-in functions to attack hosts to discover
vulnerabilities. A NASL script can be either run directly with the NASL
interpreter `openvas-nasl` or within a scan with {term}`openvas`.