Gmcps FAQs

Question 1

What is Gmcps?

Accepted Answer

Gmcps (OpenVAS MCP Server) is a C# server that integrates Greenbone/OpenVAS (GVM) vulnerability management capabilities and orchestrates scans via the Model Context Protocol, enabling LLM/agent interaction for advanced security workflows.

Question 2

What are the primary integration options for Gmcps with Greenbone/OpenVAS (GVM)?

Accepted Answer

Gmcps offers seamless integration with GVM through various connection modes including Unix sockets (for containerized deployments), Docker mode, and TLS. It also supports flexible transport options like Server-Sent Events (SSE) and STDIO.

Question 3

Can Gmcps help with security compliance checking?

Accepted Answer

Yes, Gmcps supports robust policy-based compliance checking. You can define custom security rules (e.g., 'no-critical-vulns') in `data/policies.json` and use dedicated tools like `gvm_is_target_compliant` to assess adherence and maintain security standards.

Question 4

What kind of analytics and metadata capabilities does Gmcps provide?

Accepted Answer

Gmcps includes analytics tools for natural language querying of scan results (e.g., 'status of all Windows machines', 'list critical vulnerabilities') and metadata tools to set/get target OS, criticality, and tags, empowering intelligent decision-making.

Question 5

How does Gmcps enhance vulnerability management with LLMs?

Accepted Answer

Gmcps exposes specialized MCP tools that allow LLMs/agents to query GVM for vulnerability assessments, analyze findings, set target metadata, and execute policy-based compliance checks, streamlining security operations.

Gmcps

Gmcps

Key Features

Use Cases

Key Features

Use Cases