Greenbone is a leading German cybersecurity company specializing in open-source vulnerability management, helping organizations identify and address security weaknesses before attackers can exploit them.

Founded in 2008, Greenbone has grown steadily from a small startup into an international provider of vulnerability scanning solutions. Today, Greenbone protects the digital assets of over 1,000 customers worldwide, with more than 50,000 installations of its technology deployed across the globe. The company’s team expanded rapidly in recent years – growing from about 50 to 120 employees in 2023. Greenbone’s mission centers on proactive cyber defense and “sustainable resilience”, which underscores its commitment to long-term security and innovation.

Brief History

Established by a group of security experts, Greenbone started with a vision to continue the development of open-source vulnerability scanning after the popular Nessus scanner went closed-source.

Greenbone built its platform on the OpenVAS (Open Vulnerability Assessment System) framework – an open-source scanner engine that the company has since significantly enhanced. Over the years, Greenbone has cultivated a strong partnership with the German Federal Office for Information Security (BSI), collaborating for over 15 years on improving vulnerability detection and standards. Major milestones in Greenbone’s history include launching its first commercial Greenbone Security Manager appliance, expanding into cloud-based services, and achieving important certifications (ISO 9001, ISO 27001, and ISO 14001). With 15+ years in the industry, the company has established itself as a trusted name in vulnerability management, balancing open-source ethos with enterprise-grade solutions.

Products and Solutions

Greenbone offers a comprehensive portfolio of vulnerability management products designed for different needs, all powered by its open-source core technology and continuously updated security knowledge base.

  • Greenbone Enterprise Appliances – Turnkey vulnerability scanning devices (available as hardware or virtual appliances) for on-premises deployment. They are ideal for enterprises and critical infrastructures that require full control over scanning on-site.
  • Greenbone Cloud Services – A cloud-based vulnerability scanning service that delivers Greenbone’s capabilities without the need for local hardware. This service allows organizations to assess their IT assets over the internet, receiving the same depth of vulnerability analysis and reports via a convenient subscription. It’s well-suited for distributed environments and Managed Service Providers.
  • Greenbone Web App Scanning – A specialized service focused on testing the security of web applications and websites, while adhering to privacy regulations such as GDPR. This helps organizations secure their online services in addition to their network infrastructure.
  • OpenVAS – Greenbone continues to support the open-source community through OpenVAS, which is packaged as the Greenbone Community Edition for free use.
  • Greenbone Enterprise Feed – At the heart of all Greenbone products is its daily updated security feed. This feed contains over 180,000 vulnerability tests, one of the broadest in the industry. This includes checks for network devices, servers, endpoints, cloud services, and applications. Greenbone’s scanners can detect the latest threats (including new CVEs, zero-days, and vendor-specific vulnerabilities), enabling automated scans to uncover issues across operating systems, applications, and devices.

All Greenbone products integrate into a unified Greenbone Vulnerability Management framework. Scan results are presented through comprehensive reports, which include risk ratings and actionable remediation steps. Greenbone’s reports use the industry-standard CVSS scoring to rate vulnerability severity, and also consider contextual factors like asset criticality and exploit availability to help prioritize fixes.

Distinguishing Features and Technology

Greenbone is the world’s most trusted provider of open-source vulnerability management. Clients benefit from the transparency (no “black box” scanning) and can trust that no hidden backdoors exist – an important consideration for security-conscious organizations and governments. Greenbone’s open-source roots also foster a strong user community and knowledge exchange, which continually improves the solutions. For instance, Greenbone promptly provided tests for major vulnerabilities like Log4Shell, ProxyShell, and others so that customers could detect and mitigate these threats ahead of attackers.

Furthermore, Greenbone’s reporting and features help organizations comply with various security regulations and standards: GDPR, NIS Directive, the EU Cyber Resilience Act, and ISO 27001, by systematically scanning and reporting on system vulnerabilities.

Despite its powerful engine, Greenbone’s solutions are designed to be user-friendly. The appliances and services come with intuitive web-based interfaces for configuring scans, viewing results, and generating reports. Greenbone supports integration with other tools via APIs and export formats, allowing vulnerability data to feed into SIEMs, ticketing systems, or patch management workflows. This flexibility and interoperability make Greenbone a fit for various IT environments, from small networks to complex enterprise ecosystems.

European Data Sovereignty

As a Germany-based company with an open-source platform, Greenbone appeals to European organizations concerned about data sovereignty and supply chain trust. All vulnerability tests and data processing can be hosted on-premises or within Europe, which is a selling point for government agencies and companies that must adhere to strict data protection rules.

Major Customers

Greenbone’s solutions are trusted by organizations across multiple sectors worldwide. Its customer base of 1,000+ spans government agencies, enterprises, critical infrastructure operators, managed service providers, and non-profits. Many public sector institutions (including military and government IT security teams in Europe) favor Greenbone for its open-source foundation and European provenance, which align with their security and compliance requirements.

With a solid foundation, a growing team, and a community-driven approach, Greenbone is well-positioned to remain a key player in vulnerability management and IT risk reduction for years to come.