Nessus (software)

Last updated
Nessus Vulnerability Scanner
Developer(s) Tenable, Inc.
Stable release
8.15.8 / January 18, 2023 (2023-01-18) [1]
Operating system Linux, macOS and Microsoft Windows
Type Vulnerability scanner
License Proprietary; GPL (2.2.11 and earlier)
Website https://www.tenable.com

Nessus is a proprietary vulnerability scanner developed by Tenable, Inc.

Contents

History

In 1998 Renaud Deraison created The Nessus Project as a free remote security scanner. [2] On October 5 2005, with the release of Nessus 3, the project changed from the GNU General Public License to a proprietary license. [3]

The Nessus 2 engine and some of the plugins are still using the GNU General Public License, leading to forks based on Nessus like OpenVAS [2] [4] and Greenbone Sustainable Resilience. [5]

See also

Related Research Articles

<span class="mw-page-title-main">Free software</span> Software licensed to be freely used, modified and distributed

Free software, libre software, or libreware is computer software distributed under terms that allow users to run the software for any purpose as well as to study, change, and distribute it and any adapted versions. Free software is a matter of liberty, not price; all users are legally free to do what they want with their copies of a free software regardless of how much is paid to obtain the program. Computer programs are deemed "free" if they give end-users ultimate control over the software and, subsequently, over their devices.

The free software movement is a social movement with the goal of obtaining and guaranteeing certain freedoms for software users, namely the freedoms to run, study, modify, and share copies of software. Software which meets these requirements, The Four Essential Freedoms of Free Software, is termed free software.

<span class="mw-page-title-main">GNU</span> Free software collection

GNU is an extensive collection of free software, which can be used as an operating system or can be used in parts with other operating systems. The use of the completed GNU tools led to the family of operating systems popularly known as Linux. Most of GNU is licensed under the GNU Project's own General Public License (GPL).

<span class="mw-page-title-main">GNU Lesser General Public License</span> Free-software license

The GNU Lesser General Public License (LGPL) is a free-software license published by the Free Software Foundation (FSF). The license allows developers and companies to use and integrate a software component released under the LGPL into their own software without being required by the terms of a strong copyleft license to release the source code of their own components. However, any developer who modifies an LGPL-covered component is required to make their modified version available under the same LGPL license. For proprietary software, code under the LGPL is usually used in the form of a shared library, so that there is a clear separation between the proprietary and LGPL components. The LGPL is primarily used for software libraries, although it is also used by some stand-alone applications.

<span class="mw-page-title-main">Open-source software</span> Software licensed to ensure source code usage rights

Open-source software (OSS) is computer software that is released under a license in which the copyright holder grants users the rights to use, study, change, and distribute the software and its source code to anyone and for any purpose. Open-source software may be developed in a collaborative, public manner. Open-source software is a prominent example of open collaboration, meaning any capable user is able to participate online in development, making the number of possible contributors indefinite. The ability to examine the code facilitates public trust in the software.

The Apple Public Source License (APSL) is the open-source and free software license under which Apple's Darwin operating system was released in 2000. A free and open-source software license was voluntarily adopted to further involve the community from which much of Darwin originated.

<span class="mw-page-title-main">Scanner Access Now Easy</span> Open source scanner application programming interface

Scanner Access Now Easy (SANE) is an open-source application programming interface (API) that provides standardized access to any raster image scanner hardware. The SANE API is public domain. It is commonly used on Linux.

<span class="mw-page-title-main">GnuTLS</span> Free software library implementing TLS

GnuTLS is a free software implementation of the TLS, SSL and DTLS protocols. It offers an application programming interface (API) for applications to enable secure communication over the network transport layer, as well as interfaces to access X.509, PKCS #12, OpenPGP and other structures.

<span class="mw-page-title-main">Free and open-source software</span> Software whose source code is available and which is permissively licensed

Free and open-source software (FOSS) is software that is available under a license that grants the right to use, modify, and distribute the software, modified or not, to everyone free of charge. The public availability of the source code is, therefore, a necessary but not sufficient condition. FOSS is an inclusive umbrella term for free software and open-source software. FOSS is in contrast to proprietary software, where the software is under restrictive copyright or licensing and the source code is hidden from the users.

A permissive software license, sometimes also called BSD-like or BSD-style license, is a free-software license which instead of copyleft protections, carries only minimal restrictions on how the software can be used, modified, and redistributed, usually including a warranty disclaimer. Examples include the GNU All-permissive License, MIT License, BSD licenses, Apple Public Source License and Apache license. As of 2016, the most popular free-software license is the permissive MIT license.

OpenVAS is the scanner component of Greenbone Vulnerability Management (GVM), a software framework of several services and tools offering vulnerability scanning and vulnerability management.

<span class="mw-page-title-main">Metasploit</span> Computer security testing tool

The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. It is owned by Boston, Massachusetts-based security company Rapid7.

<span class="mw-page-title-main">GNU Affero General Public License</span> Free software license based on the AGPLv1 and GPLv3

The GNU Affero General Public License is a free, copyleft license published by the Free Software Foundation in November 2007, and based on the GNU GPL version 3 and the Affero General Public License (non-GNU).

Companies whose business centers on the development of open-source software employ a variety of business models to solve the challenge of making profits from software that is under an open-source license. Each of these business strategies rest on the premise that users of open-source technologies are willing to purchase additional software features under proprietary licenses, or purchase other services or elements of value that complement the open-source software that is core to the business. This additional value can be, but not limited to, enterprise-grade features and up-time guarantees to satisfy business or compliance requirements, performance and efficiency gains by features not yet available in the open source version, legal protection, or professional support/training/consulting that are typical of proprietary software applications.

<span class="mw-page-title-main">Free-software license</span> License allowing software modification and redistribution

A free-software license is a notice that grants the recipient of a piece of software extensive rights to modify and redistribute that software. These actions are usually prohibited by copyright law, but the rights-holder of a piece of software can remove these restrictions by accompanying the software with a software license which grants the recipient these rights. Software using such a license is free software as conferred by the copyright holder. Free-software licenses are applied to software in source code and also binary object-code form, as the copyright law recognizes both forms.

<span class="mw-page-title-main">Copyleft</span> Practice of mandating free use in all derivatives of a work

Copyleft is the legal technique of granting certain freedoms over copies of copyrighted works with the requirement that the same rights be preserved in derivative works. In this sense, freedoms refers to the use of the work for any purpose, and the ability to modify, copy, share, and redistribute the work, with or without a fee. Licenses which implement copyleft can be used to maintain copyright conditions for works ranging from computer software, to documents, art, and scientific discoveries, and similar approaches have even been applied to certain patents.

<span class="mw-page-title-main">GNU General Public License</span> Series of free software licenses

The GNU General Public License is a series of widely used free software licenses, or copyleft, that guarantee end users the four freedoms to run, study, share, and modify the software. The license was the first copyleft for general use, and was originally written by Richard Stallman, the founder of the Free Software Foundation (FSF), for the GNU Project. The license grants the recipients of a computer program the rights of the Free Software Definition. The licenses in the GPL series are all copyleft licenses, which means that any derivative work must be distributed under the same or equivalent license terms. It is more restrictive than the Lesser General Public License, and even further distinct from the more widely-used permissive software licenses BSD, MIT, and Apache.

<span class="mw-page-title-main">Software categories</span> Groups of software

Software categories are groups of software. They allow software to be understood in terms of those categories, instead of the particularities of each package. Different classification schemes consider different aspects of software.

The Nessus Attack Scripting Language, usually referred to as NASL, is a scripting language that is used by vulnerability scanners like Nessus and OpenVAS. With NASL specific attacks can be automated, based on known vulnerabilities.

Tenable, Inc. is a cybersecurity company based in Columbia, Maryland. Its vulnerability scanner software Nessus, developed in 1998, is one of the most widely deployed vulnerability assessment solutions in the cybersecurity industry. As of December 31, 2022, the company had approximately 43,000 customers.

References

  1. "Nessus 2023 Release Notes". Tenable Network Security.
  2. 1 2 Carey, Mark; Russ Rogers; Paul Criscuolo; Mike Petruzzi. Nessus Network Auditing. O'reilly. ISBN   978-1-59749-208-9.
  3. Olenick, Doug (2019-03-09). "SC 30th Anniversary Awards". SC Media.
  4. "OpenVAS" . Retrieved 2009-10-21.
  5. "Greenbone" . Retrieved 2021-03-07.