Renaud Deraison: The Nessus Project - Reducing the Costs of Vulnerability Assessment
Nessus checks both hardware and software for known vulnerabilities. It watches running processes for abnormal behavior and also monitors network traffic patterns. Nessus resembles a firewall/antivirus system, but not quite: although it has remediation procedures, its solutions section isn't as comprehensive as that of a typical endpoint protection system.
Tenable, Inc. began operations in 2002, but Nessus is much older than that. How can a product be older than the company that developed it? The Nessus system was developed by an individual, Renaud Deraison, and first released in 1998. At the time, Deraison was 17. He set Nessus up as an open-source project and led the community development of the software part-time while pursuing a career in IT during the day.
Controversially, Deraison set up Tenable Network Security to manage the commercial possibilities of the Nessus software. Although the development project was community-driven, Deraison owned the copyright to the software. When Nessus 3 was released, the open-source project closed down, taking Nessus fully into the business as a proprietary system. Earlier versions remain available under the GNU General Public License.
The availability of the source code for Nessus 2 led to the creation of forks, providing rivals to the Nessus system. However, with Nessus, Deraison invented the concept of 'remote vulnerability scanners'. Nessus went from being the only vulnerability scanner in the world to the leading one. The move to proprietary ownership prevented Nessus from being completely crowded out by re-labeled copies of its own code.
Tenable is relaxed about the continued existence of the Nessus 2 code and the presence of near copies in the market. Under the GNU licensing system, those copies can’t be sold commercially, only given away. By investing in developing Nessus privately, Tenable has ensured that it keeps ahead of its rivals, both free and paid.
Nessus 3 is a considerable advancement on the previous versions, and the hobbyists who produced forks of the code don't have the resources to compete fully with Tenable.
Black Hat - USA - 2001 Hacking conference