Doing Authenticated Vulnerability Scans on PostgreSQL and Redis Instances

Hello all! New to this forum so apologies if I’m posting this in the wrong category.

Anyway, I was wondering, is it possible for GVM to conduct authenticated scans on Postgres Database and Redis Services? When creating a Target I see the only forms of authentication allowed are SSH/SMB/ESXI/SNMP, but I was thinking, since GVM uses Redis and PostgresSQL internally, could these be leveraged to perform authenticated scans on a targeted Redis/PostgreSQL instance?

Thank you in advance!

Hi and welcome to the forum!

Do you mean like checking the settings etc. on PostgreSQL / Redis? If yes, then this would be more like a Policy / Compliance scan which we have e.g for PostgreSQL in the Greenbone Enterprise Feed.

Best,
Chris

3 Likes