Hi, OpenVAS can fullfill PCI DSS requirements for internal scanning *). For external scanning ASV certified solution is required **). It's not about software, it's about certification and verified solution.
Any other questions? *) note: pci dss: 11.2.3.c Validate that the scan was performed by a qualified internal resource(s) or qualified external third party and if applicable, organizational independence of the tester exists (not required to be a QSA or ASV) **) https://www.pcisecuritystandards.org/assessors_and_solutions/approved_scanning_vendors -- Eero -- Eero 2017-01-23 11:55 GMT+02:00 Oscar Kwan <oscar.k...@jos.com.hk>: > Dear all > > > > May I know which compliances OpenVAS is able to fulfill for vulnerability > scanning (e.g. PCI DSS, ISO27001/27002 etc.)? Our company would like to > switch from Nessus to OpenVAS and want to know whether they can fulfil the > audit requirements or not. Thanks. > > > > Best regards > > *Oscar * > > > > > > > > ________________________________________________________________________ > DISCLAIMER:- > This email is confidential and intended only for the use of the individual > or entity named above and may contain information that is privileged. If > you are not the intended recipient, you are notified that any > dissemination, distribution or copying of this email is strictly > prohibited. If you have received this email in error, please notify us > immediately by return email or telephone and destroy the original message. > Thank you. > ________________________________________________________________________ > > _______________________________________________ > Openvas-discuss mailing list > Openvas-discuss@wald.intevation.org > https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss >
_______________________________________________ Openvas-discuss mailing list Openvas-discuss@wald.intevation.org https://lists.wald.intevation.org/cgi-bin/mailman/listinfo/openvas-discuss