2 Feb
2024
8
min read

Deploying OpenVAS with Docker: A Technical Walkthrough

This single-container solution, hosted on Docker Hub by Cytix, allows for quick deployment on local devices or in the cloud. This blog aims to guide technical users through the installation process and provide insights into customization and deployment options.

Thomas Ballin
Founder

Introduction

This single-container solution, hosted on Docker Hub by Cytix, allows for quick deployment on local devices or in the cloud. This blog aims to guide technical users through the installation process and provide insights into customization and deployment options.

Build/Installation Instructions

Quick Start

For those looking for a swift start, a prebuilt version of the container is available on Docker Hub. You can pull the image and run OpenVAS using the following commands:

docker pull cytix/openvas
docker run -p 8080:80 --name openvas -d cytix/openvas

Visit http://localhost:8080/ in your browser, and log in with the default credentials: admin/password.

Custom Build

For users who prefer a customized build, follow these steps:

  1. Clone the OpenVAS repository:

git clone <https://github.com/cytix-software/openvas-docker.git> && cd openvas-docker

  1. Build the Docker container:

docker buildx build --platform linux/amd64 -f Dockerfile -t openvas:latest .

  1. Run the container:

docker run -p 8080:80 --name openvas -d openvas:latest

Access OpenVAS at http://localhost:8080/ using the default credentials.

Build Arguments

Customize your build using build arguments. For instance:

docker buildx build --platform linux/amd64 -f Dockerfile -t openvas:latest --build-arg FEED_PROVISION=build --build-arg GVM_ADMIN_PASSWORD=mysecurepassword .

Deployment to the Cloud (AWS Example)

OpenVAS can be seamlessly deployed in the cloud using container orchestration services like AWS ECS. Below is an example for AWS:

  1. Create an ECS cluster:

aws ecs create-cluster --cluster-name openvas-cluster

  1. Define the task for ECS:

Edit theTASK_DEFINITIONvariable in the script, replacing placeholders like <TASK ROLE ARN> and <EXECUTION ROLE ARN>. Then, run:

aws ecs register-task-definition --cli-input-json "$TASK_DEFINITION"

  1. Run the task:

aws ecs run-task --cluster "openvas-cluster" --task-definition "openvas:<VERSION_NUMBER>" --launch-type FARGATE --count 1 --network-configuration "awsvpcConfiguration={subnets=[<SUBNET_ID>],securityGroups=[<SECURITY_GROUP_ID>],assignPublicIp=ENABLED}"

Once the task is running, access OpenVAS using the provided public IP address.

Conclusion

The containerized OpenVAS deployment offers flexibility and efficiency in vulnerability scanning. Whether opting for a quick start or a customized build, this guide provides technical users with the necessary steps for successful deployment on local devices or in the cloud. As updates are released, users are encouraged to check for newer versions and contribute to the repository. Happy scanning!

bug report

Get a Free Trial  From Cytix

Haven’t tried Cytix yet? Try our free trial to see how it works.

Get a Free Trial

Start Detecting Vulnerabilities Others Miss Today

  • Detect Vulnerabilities Faster
  • Patch Vulnerabilities Faster
  • Be more compliant
Learn More
business

Detect, Resolve &
Patch Faster With Cytix

Get a free test today and see how it works.
CTA Image
cta rectangle image
By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.