I think the best place to start is from the documentation “Managing Assets” section.
Essentially, you have Host
assets and Target
assets. Hosts are essentially just a list of assets, while targets are used to configure scan tasks. Tags
can be used to group hosts or targets into asset classes or groups to filter results, create reports, etc.
Hosts are limited to a single IP, while targets can be
- an IP range (dash-separated, or with CIDR notation)
- comma-separated IP addresses, FQDNs
- created from a host file
- be configured with accept-list / block-list for granularly removing IPs
If you use the Wizard to create a task you can just enter the target IP/IP range as mentioned above, and the target and hosts will be created automatically.
If not using the wizard, you can skip directly to creating a target and hosts will be created when creating a target.
Otherwise, when conducting host discovery scans, any discovered hosts will be automatically created as items in your host list and can be added to targets / used to create new targets.
- Host assets can be found in from the Assets->Hosts in the top menu bar
- Target assets can be found in the Configuration->Targets in the top menu bar
You said:
In Nexpose, I can easily add or remove assets within the same site, whereas in OpenVAS, modifying assets within a target requires creating a new target and deleting the old one first.
Its true that if a Target is assigned to an existing task you cannot modify the target, but you can clone it and modify the clone, or else you can delete all the tasks that it is connected to and then the target can be modified. Unfortunately, when you delete the task, you also delete the reports and results that were tied to the task. It would be nice if those were kept.
However, better than trying to use a single tasks or single target to organize assets into groups, you can use tags (see documentation here) and then configure filters with those tags to isolate say, a department of a company, or another type of asset class.
There are other options for other type of grouping assets, and filtering results, or reports, etc. One way would be to use tags/keywords in the target/host comments and filter by those later. It’s a fairly flexible way of managing the scan information once you have completed scans.