Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Blog de Tenable

Suscribir

Nessus Turns 20!

Twenty years ago this week, I released the first public version of Nessus. Little did I know at the time the profound impact it would have both on the industry and on me personally.

Over this period of time, Nessus quite literally redefined the vulnerability management industry and profoundly influenced the security industry as a whole. Nessus is one of the most widely used security tools on the market today. I’m very proud to say that Nessus has helped 1.6 million enthusiasts become cybersecurity professionals – and I can’t even begin to tell you the number of people who have told me that Nessus launched their careers, and hearing that is always so personally gratifying.

There’s actually a little backstory to this adventure that I’m guessing only a handful know. On April 4, 1998, I sent an email to the bugtraq mailing list to let a little group of security geeks (and I use that term with respect) know about a project I had been working on during the previous 12 months – a Linux app with a graphical interface that would check networks for more than 50 vulnerabilities. Yes, you read that correctly – 50 vulns! I vividly remember thinking that I’d release the software, incorporate the little feedback I’d get and move on to something else.

Instead, the feedback I received was so encouraging that I ended up dropping out of college (my parents were NOT happy, but that’s a story for another day) and creating Tenable.

Why did Nessus become popular?

In hindsight, here’s why I believe Nessus became so popular:

  1. It was a Linux application with a graphical user interface, which was very rare for security tools at the time. The webpage I set up had many screenshots, and the interface looked professional enough to generate curiosity. At the time, most security tools simply were a computer archive on a FTP server somewhere, with a README.txt file in it.
  2. I announced it at the right place, at the right price, on the right platform, and at the right time. Nessus originally could not compete feature-to-feature with ISS (the 800-pound gorilla at the time). It was Linux-based and ISS had just dropped Linux support, which was what security professionals were using. The “industry” was very much anti-commercialism, and every security professional was reading bugtraq religiously.
  3. I managed to create a direct relationship with the user community and worked days and nights to analyze bug reports and take feature requests into consideration.
  4. Finally, I simply put lots and lots of work into it. For months, I’d work until 5 a.m., reverse-engineering some obscure undocumented protocols to make Nessus more powerful as a whole.
Nessus' first user interface
Nessus' very first user interface.

If you think about the four points above, you’ll recognize that they outline guiding principles for many successful products:

  • First, identify an unmet need (in the early days of Nessus, that was the graphical interface) and then deliver against it.
  • Second, understand the power of industry context – or put another way, no engineering in a vacuum.
  • Third, know your user and the community you serve.
  • Fourth, work harder than your competitors.

These principles are key. They ensure that our goal for Nessus today remains the same as it was at the beginning – offer a tool that gives its users an outsider’s view of the security of their network and guidance on how to improve it.

Nessus: What’s on the horizon?

In 2018, networks have never been so complex and security guidance has never been so sought-after. Nessus’ role within the security arsenal of any professional could not be more relevant in our era of BYOD, IoT, public cloud, etc. The team is hard at work to improve Nessus to reflect these changes and to tune Nessus to better adapt to modern IT environments:

  • Before the end of the year, we’ll release a new engine that scales better, especially on the Windows platform.
  • We’re also hard at work to dramatically reduce the installation time for Nessus. The “processing plugins” progress bar should soon be a thing of the past.
  • The Tenable Research team is hard at work to refactor some of our critical libraries (such as the work that was done with SSH) to work in more environments and open up the way for more complex and reliable checks in the future.

These changes will make it easy to install Nessus in systems with fewer resources, such as low-end cloud instances. The reduced installation time will also make it easier to move the scanner from one system to another.

Thanks to the Nessus user community

Finally, the reason Nessus has been successful all these years is you, our user community. And we want to hear from you!

If you’re a Nessus user with a story to tell and you’re happy to share it on video, come visit me and the Tenable team at the RSA Conference in San Francisco from April 16 to 20 (booth #4301, Moscone North).

I’m looking forward to the future and to see how we all contribute to it.

Artículos relacionados

Noticias de ciberseguridad que le son útiles

Ingrese su correo electrónico y nunca se pierda alertas oportunas y orientación en seguridad de los expertos de Tenable.

Tenable Vulnerability Management

Disfrute el acceso completo a una plataforma moderna para la gestión de vulnerabilidades en la nube, que le permite ver y rastrear todos sus activos con una precisión inigualable.

Su prueba de Tenable Vulnerability Management también incluye Tenable Lumin y Tenable Web App Scanning.

Tenable Vulnerability Management

Disfrute el acceso completo a una plataforma moderna para la gestión de vulnerabilidades en la nube, que le permite ver y rastrear todos sus activos con una precisión inigualable. Compre una suscripción anual hoy mismo.

100 activos

Seleccione su tipo de suscripción:

Comprar ahora

Tenable Vulnerability Management

Disfrute el acceso completo a una plataforma moderna para la gestión de vulnerabilidades en la nube, que le permite ver y rastrear todos sus activos con una precisión inigualable.

Su prueba de Tenable Vulnerability Management también incluye Tenable Lumin y Tenable Web App Scanning.

Tenable Vulnerability Management

Disfrute el acceso completo a una plataforma moderna para la gestión de vulnerabilidades en la nube, que le permite ver y rastrear todos sus activos con una precisión inigualable. Compre una suscripción anual hoy mismo.

100 activos

Seleccione su tipo de suscripción:

Comprar ahora

Tenable Vulnerability Management

Disfrute el acceso completo a una plataforma moderna para la gestión de vulnerabilidades en la nube, que le permite ver y rastrear todos sus activos con una precisión inigualable.

Su prueba de Tenable Vulnerability Management también incluye Tenable Lumin y Tenable Web App Scanning.

Tenable Vulnerability Management

Disfrute el acceso completo a una plataforma moderna para la gestión de vulnerabilidades en la nube, que le permite ver y rastrear todos sus activos con una precisión inigualable. Compre una suscripción anual hoy mismo.

100 activos

Seleccione su tipo de suscripción:

Comprar ahora

Probar Tenable Web App Scanning

Disfrute de acceso completo a nuestra última oferta de escaneo de aplicaciones web diseñada para aplicaciones modernas como parte de la plataforma Tenable One Exposure Management. Escanee de manera segura todo su portafolio en línea para detectar vulnerabilidades con alto grado de exactitud sin el esfuerzo manual intensivo ni la interrupción de aplicaciones web críticas. Registrarse ahora.

Su prueba de Tenable Web App Scanning también incluye Tenable Vulnerability Management y Tenable Lumin.

Comprar Tenable Web App Scanning

Disfrute el acceso completo a una plataforma moderna para la gestión de vulnerabilidades en la nube, que le permite ver y rastrear todos sus activos con una precisión inigualable. Compre una suscripción anual hoy mismo.

5 FQDN

USD 3578

Comprar ahora

Probar Tenable Lumin

Visualice y explore su gestión de exposición, realice un seguimiento de la reducción de riesgos a lo largo del tiempo y compárese con sus competidores con Tenable Lumin.

Su prueba de Tenable Lumin también incluye Tenable Vulnerability Management y Tenable Web App Scanning.

Comprar ahora Tenable Lumin

Póngase en contacto con un representante de ventas para saber cómo puede ayudarle Tenable Lumin a obtener información de toda su organización y gestionar el riesgo cibernético.

Probar Tenable Nessus Professional gratuitamente

GRATIS POR 7 DÍAS

Tenable Nessus es el escáner de vulnerabilidades más completo en el mercado hoy en día.

NUEVO - Tenable Nessus Expert
Ahora disponible

Nessus Expert viene con aún más funcionalidades, incluyendo escaneo de superficie de ataque externa y la capacidad de agregar dominios y escanear infraestructura en la nube. Haga clic aquí para probar Nessus Expert.

Rellene el formulario a continuación para continuar con la prueba de Nessus Pro.

Comprar Tenable Nessus Professional

Tenable Nessus es el escáner de vulnerabilidades más completo en el mercado hoy en día. Tenable Nessus Professional ayudará a automatizar el proceso de escaneo de vulnerabilidades, ahorrará tiempo en sus ciclos de cumplimiento y le permitirá involucrar a su equipo de TI.

Compre una licencia multi anual y ahorre. Agregue Soporte Avanzado para acceder a soporte por teléfono, chat y a través de la Comunidad las 24 horas del día, los 365 días del año.

Seleccione su licencia

Compre una licencia multi anual y ahorre.

Añada soporte y capacitación

Probar Tenable Nessus Expert gratuitamente

GRATIS POR 7 DÍAS

Diseñado para la superficie de ataque moderna, Nessus Expert le permite ver más y proteger a su organización contra las vulnerabilidades, desde TI hasta la nube.

¿Ya tiene Tenable Nessus Professional?
Actualice a Nessus Expert gratuitamente por 7 días.

Comprar Tenable Nessus Expert

Diseñado para la superficie de ataque moderna, Nessus Expert le permite ver más y proteger a su organización contra las vulnerabilidades, desde TI hasta la nube.

Seleccione su licencia

Compre una licencia plurianual y ahorre más.

Añada soporte y capacitación