OpenVAS Network Vulnerability Scan

Run a deep network vulnerability assessment across every exposed service.

Start monitoring
See all checkers

A website scan looks at your site; an OpenVAS scan looks at your whole server. OpenVAS (Open Vulnerability Assessment Scanner) runs tens of thousands of individual vulnerability tests against every service your host exposes — not just HTTP, but SSH, mail, database, FTP and anything else listening on a port. It is the same class of engine security teams use to audit infrastructure, and it surfaces the deep, service-level weaknesses a page-level scan never sees.

What it checks
  • Known vulnerabilities (CVEs) across every exposed service, not just your website
  • Outdated or vulnerable versions of SSH, mail, FTP, database and other daemons
  • Default credentials and weak configurations on network services
  • Missing patches matched against thousands of network vulnerability tests (NVTs)
  • A severity-graded report so you fix the most dangerous findings first

Why it matters

Your website is only one of many services running on a server. An exposed, unpatched database or mail daemon can be just as devastating as a web flaw — and a page-level scan will never see it. OpenVAS tests the entire host the way an attacker enumerating your infrastructure would, so nothing exposed goes unchecked. Because new vulnerability tests are published constantly, re-scanning catches issues that did not exist at your last audit.

How BrandSentryPro does it

Add your server and BrandSentryPro runs an OpenVAS-class assessment against its exposed services, matches each against the vulnerability-test feed, and grades what it finds by severity. It re-scans on a schedule and alerts you when a new, exploitable issue appears.

Frequently asked questions

What is OpenVAS?
OpenVAS (Open Vulnerability Assessment Scanner) is a widely used, full-featured vulnerability scanner that runs tens of thousands of individual network vulnerability tests against a host to find known security issues across all of its services.
How is this different from the website vulnerability scanner?
The website scanner focuses on your web application and exposed web files. An OpenVAS scan assesses the whole server at the network level — SSH, mail, database, FTP and every other listening service — so it catches infrastructure weaknesses a web-only scan cannot.
How often should I run a network vulnerability scan?
Regularly. New vulnerability tests and CVEs are published constantly, and your server changes as you deploy and install software. Continuous re-scanning turns a point-in-time audit into ongoing assurance.

Related checkers

Mixed Content Checker
Find insecure HTTP resources loaded on your HTTPS pages.
Security Headers Checker
Check for HSTS, CSP, X-Frame-Options and the other headers that protect your users.
Vulnerability Scanner
Detect outdated software and known, exploitable vulnerabilities.
Domain Expiration Checker
Never lose a domain to a missed renewal again.
IP Blacklist Checker
See if your server IP has landed on spam or malware blacklists.
Server Hardening Checker
Check Fail2Ban, rate limiting, hidden version tokens and OS updates.
All in one place

Run this check automatically

Add a monitor and BrandSentryPro keeps every check running for you — with alerts the moment something needs attention.

Get started