I have a list of security policies that need to be implemented. These are for example:
- standard passwords shall not be used and must be replaced.
- standard admin accounts like root and admin shall be deactivated
- authentication credentials shall be protected against replay-attacks
I would like to check, whether these individual policies are covered (i.e. can be checked) using OpenVAS.
What would be a good way to do this? Is there a list (excel, html, CVS) of VTs that are currently part of OpenVAS, which I can use.
Do you know of a more efficient way to get this done?