Are there any lightweight alternatives to openvas?
openvas is decent, but is quite resource-hungry.
The server is starting slow when there are lots of plugins. The GTK client eats 100% of CPU when connecting to the server and when performing security scans.
OpenVas and Nessus are the two most popular tools to use.
If you want more control over your resources, you'll have to go to a more granular level of control - for example, writing your own nmap scripts. I don't think there is an intermediate level - one where you have significant level of control over resources and type of work performed, without also requiring very detailed knowledge/custom implementation of scans.
I would consider the web-based gui alternative for OpenVAS to be a lightweight alternative to the GTK-gui-based client. It still runs the same back-end server, but you instead connect via http/s to your server instead of the gtk client, and conduct all activities from that menu interface.
It's called the Greenbone Security Assistant, and is written by the same authors of OpenVAS.
Analyzing cacti graphs of the server show that there is very little CPU usage when managing the system in this manner, and it's stable / usable.
