2 Read Before Use

2.1 SBOMs

OPENVAS SECURITY INTELLIGENCE currently supports the analysis of Software Bills of Material (SBOMs) that are available in CyclonDX format. To obtain the best possible results when analyzing an SBOM, it is recommended to use an SBOM generator that automatically determines the CPE of the individual components.

Greenbone currently recommends Syft to generate the SBOM of a product.

2.2 CSAF Sources

CSAF documents are imported in two different ways:

  • Some are imported via the Greenbone feed and are enriched with some additional data that is displayed on the respective details page of the CSAF document.

  • Others – if additional CSAF sources have been added – are imported directly to OPENVAS SECURITY INTELLIGENCE. For these documents, the enriched data is missing as the documents are not part of the Greenbone feed.

CSAF documents that are classified as TLP:WHITE and are part of both the feed and one of the added sources are also enriched. The non-enriched version is discarded in this case.

2.3 SCAN Reports

OPENVAS SECURITY INTELLIGENCE currently supports the analysis of scan reports from an OPENVAS SCAN appliance that are available in JSON format. The JSON report format is only available from GOS version 24.10. In order to use this function, the appliance may have to be upgraded to this major version.

2.4 Technology Previews

Technology Preview features are early-access capabilities that allow customers to evaluate upcoming functionality and provide feedback before general availability.

These features have the following key characteristics and limitations:

  • Not fully supported and may be incomplete, unstable, or unsuitable for production use.

  • May be significantly changed, replaced, moved to a different product offering, or discontinued without replacement.

  • Provided for evaluation, validation of direction, and usability testing, not as production-ready functionality.

  • Compatibility, upgrade, and migration paths are not guaranteed.

  • Future generally available versions may require reinstallation, reconfiguration, or manual data migration.

  • Issues are handled on a best-effort basis and are not subject to standard support expectations for fully supported features.

  • Customer feedback may be used to improve future releases, and Greenbone may make reasonable efforts to review reported issues.

Note

Customers should not rely on Technology Preview features for production environments or long-term planning.

2.5 Tenancy Model

OPENVAS SECURITY INTELLIGENCE supports deployment models for organizations that need to ensure strict separation of data across customers, agencies, departments, or sub-organizations.

For these requirements, the proposed tenancy model is physical tenancy. It provides clear separation of data, users, and operational responsibilities between tenants.

With physical tenant separation, tenants are separated by using dedicated OPENVAS SECURITY INTELLIGENCE instances and the corresponding surrounding infrastructure.

Contact Greenbone’s Sales team under sales@greenbone.net or +49-541-760278-20 for assistance and guidance in finding the deployment model that best meets your requirements for isolation, access, and operation.

Note

The OPENVAS SECURITY INTELLIGENCE permission system is designed for access control within one organization. It does not provide the user and group isolation required for compliant logical tenant separation within a shared instance.