I saw that intruder automatic pentest has an integration of openvas to scan services and cves, can i also do it with my product?
I suggest reading the Software Licence Agreement for OpenVAS Scanner and in particular the copying licence.
Some excerpts:
Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish)
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have.
Essentially, you must:
- Freedom to Share and Modify: You can share and modify the software, but you must also allow others the same freedoms.
- Source Code Distribution: If you distribute the software (modified or unmodified), you must make the source code available under the same GPLv2 terms.
I’m not an intellectual property lawyer, but Intruder.io may be in violation of the GNU GPL-2 Licence since they do not make the source code of their product available.
Also as a side note, they attribute OpenVAS scans with > 16,000 tests, but even with the Local Security Check (LSC) families excluded, the Greenbone Community Feed has over 31,000 tests and the Enterprise Feed has over 43,000 (>180,000 with LSC included).