Thursday, December 16, 2004

Thoughts on Tenable's Nessus Changes at

Shawna McAlearney of contacted me about recent Nessus developments, meaning Tenable's new licensing deal with NASL scripts. She quotes me in her story Nessus no longer free:

"'It is difficult to financially justify releasing the work of a corporate developer to the open source community when that developer is supported by thousands of dollars of equipment, salary and benefits,' said Richard Bejtlich, technical director for the Monitoring Operations Division of ManTech's Computer Forensics and Intrusion Analysis group. 'To do so is to provide free software development for one's less scrupulous competitors, who are only too happy to take but not give back.'"

Shawna and Tenable co-founder Ron Gula elaborate on this point, including naming companies who commercially profit from using Nessus.

1 comment:

Anonymous said...

... this after having written an otherwise very successful and good book on security (TAO ...), which - I assume - may have brought in some "profits" (what a bad word!), and whose "tooling" foundation relies heavily on open source, FREE software ... hmmm ... oh, well ...