There is a requirement in the current OS Distro environments that we have proper screening of the Cloud Image distribution OS images for CVEs(Vulnerabilities) that are prevalent in the open . Keeping that in mind I used a basic version of OpenVAS running on Fedora 24 to scan the OpenStack images I get. I used the basic installation steps from here and adapted it for fedora.
I get the following once I have set it all up
Login to it with the password. Once u can start a scan with machine which you have running ( or your own desktop if you may) with IP & login credentials as follows.
Scans > Tasks > and on top left corner > Advanced Task Wizards while gives the following pop up.
In the scan config better to select the Full and very deep ultimate. It gives a thorough scan and also worth the wait. The different types of scan can be found at
Configuration > Scan Configs
which gives the following page. Its upto you what type of scan you want.
.
Once you start the scan you can see the progress in Scans > tasks
You can get the full log if you click the date under reports. This is an O/P from a scan I did on a CentOS 7.2 machine
You can click on each Vulnerability found and it will suggest on how to mitigate them. Pretty Cool huh!
Also there are other tools too which may give a more comprehensive results but I found this one to be good for Security audit for two things : 1 . Ease of Install 2. Ease of usage. Also frequently updated CVE lists.
Please do suggest the others if you found which is better or nicer in the comments , so i will try to review them
Sohny Thomas 