I’m new to this forum so please forgive me if I make any mistakes.
I have been interested in Greenbone for some time and I admit that I was quite intrigued by the project.
I am looking for a solution allowing me to reference my network equipment (mainly firewalls, proxies, and some servers) based mainly on Fortinet and Cisco ASA/FTD.
Apart from analyzes and vulnerability tests, I am mainly looking for a solution that would allow me to be notified of new versions of firmware available for my equipment. And potentially security vulnerabilities detected on current versions and how to fix them.
Do you think greenbone could be useful for what I want to do or not at all?
And what can you advise me if not?
Thank you for your patience and help.
Here is how I would determine this:
- Log into the Greenbone SecInfo portal as a guest (guest login button below the regular login button). This displays Greenbone’s Enterprise feed content.
- Use the NVT, CVE, and CPE pages (under SecInfo in the menu) to determine coverage by looking for vulnerability tests and service detection for the hardware/software you are using in your tech stack.
Finally, as per my knowledge (which is not 100% complete admittedly), while Greenbone will detect vulnerabilities in outdated software, it does not provide firmware status notification such as you seem to be looking for. To achieve this goal I would look to the hardware vendors themselves for notification services (such as for Fortinet here) that will keep you informed of the firmware status for the products in your tech stack.
Thank you for your reply
Having already done a lot of research for this, I have the impression that a ready-made solution doesn’t really exist for what I want to do,
Do you think that a script or a plugin to use on an already existing SEO solution (example: LibreNMS) could be possible or not at all?