Hey All,
I want to start a CI/CD methodology where I run an OpenVAS scan on my products automatically. I have some really basic questions I wanted to know in advance:
- Is it possible to run a scan specifically on a .zip/.tgz file? My last scan results showed me many vulnerabilities in the default OS packages, which are not relevant for me. I would like to get a vulnerability report for the additional packages which were installed with my SW… is it possible?
- What is the best practice for running a scan via a Jenkins job? Is there any CLI support for OpenVAS?
Appreciate any advice!
Thanks,
Ariel.