Nessus at 20: Why It’s More Than a Product to Me

Share and earn Cybytes
Facebook Twitter LinkedIn Email

In honor of the 20th anniversary of Nessus this year, we’ve been asking users around the world to answer the question, “I love Nessus because….” Here, Tenable’s VP and Deputy CTO Glen Pendley does just that, sharing his experiences working with Nessus over the past two decades – and tells us how it delivered his first rock-star moment.

Has your life ever been changed by a piece of software? As we celebrate the 20th anniversary of Nessus this year, I’ve come to realize how much it means to me, personally, to have been responsible for continuing the legacy of Nessus® creator Renaud Deraison– and how much of a role the product has played in the course of my own career.

Renaud (left) and Glen (right) at Tenable's Init Hackathon

Renaud (left) and Glen (right) at Tenable’s Init Hackathon.

The early days of Nessus, the early days of cybersecurity

My first interaction with Nessus was in the late 1990s and early 2000s while I was in the United States Marine Corps. At the time, cybersecurity had started to really become a thing. These early interactions with Nessus pushed me to pursue a career in cybersecurity, rather than general software engineering. I clearly remember how my eyes were opened when I first started looking through the results of a Nessus scan. At that time, if you had a firewall at your perimeter and AV running on your machines, you believed you were “secure.” What I saw through Nessus not only introduced me to the ways someone could exploit a system, it also gave me a much better understanding of how a system functions.

A few years later, I was able to secure a position at Tenable where I ran engineering for SecurityCenter®. After my first two years at Tenable, I was given the opportunity to run our global engineering and security research organization. This, of course, included Nessus, which until that time was always under the direct guidance of Renaud. To say I felt a bit of pressure would be an understatement. That said, having someone like Renaud put the faith in me that he did is hands down one of the most impactful things to have happened to me. It gave me the confidence I needed to do the job.

Building something that matters to cybersecurity professionals

Minding Renaud’s baby wasn’t my only source of pressure at the time. Taking on responsibility for a product so widely beloved and used as Nessus was its own kind of pressure. The latter is the sort of pressure any engineer wants. For me, there is no bigger joy than knowing that what you are building is going to be used by so many people and that the feature you code or the plugin you write is making a real difference in how cybersecurity professionals work.

One of the most rewarding things about my role is having the opportunity to talk to many of our customers. I have traveled and spoken to customers all over the world, and almost every person I speak to tells me they love Nessus and shares an anecdote about how it has helped them. There are also plenty of examples of non-traditional interactions I have had. One of the coolest occurred a few years ago, during Tenable’s yearly engineer/security research offsite.

I showed up to the resort a day or so before the offsite to verify that all the technical infrastructure was in order. As I walked into the main ballroom, I was greeted by one of the IT folks for the resort. We covered a few housekeeping items. As we were wrapping up, he asked me, “Are you the Nessus guys?” Of course, I replied yes. His face lit up at my response and he quickly left the room, saying he would be right back. After about five minutes, he came back into the room with the resort’s entire 12-person IT staff. They had all stopped what they were doing, so they could come and meet the “Nessus guys.”

Nessus – “It just works”

This experience was the closest thing to a rock-star moment I’ve ever had. I spent a good 30 minutes sitting there and talking to them. They were all so legitimately excited to talk to us. All of them had used Nessus – and not only in their current job, but at every one of their previous employers as well. A few had learned how to use Nessus in school. Nessus was their introduction into cybersecurity. I relayed how Nessus was a big part of my early push into cybersecurity as well. Their feelings toward Nessus were similar to many others I have spoken to. When asked why they like Nessus so much, they answered, “It just works.” There is no better feeling for an engineer than hearing those words.

This is why I love doing what I do. To know so many people out there genuinely love your product is an amazing feeling. To know that it truly reinforces an organization’s security posture is rewarding. There are times when I sit back and look at how fortunate I am. I will always be grateful to Renaud for giving me the opportunity to lead and manage Nessus, which remains as impactful to me now as it was 18 years ago.

Get more information

Share this post and earn Cybytes
Facebook Twitter LinkedIn Email
About Tenable
Tenable™, Inc. is the Cyber Exposure company. Over 24,000 organizations of all sizes around the globe rely on Tenable to manage and measure their modern attack surface to accurately understand and reduce cyber risk. As the creator of Nessus®, Tenable built its platform from the ground up to deeply understand assets, networks and vulnerabilities, extending this knowledge and expertise into™ to deliver the world’s first platform to provide live visibility into any asset on any computing platform. Tenable customers include over 50 percent of the Fortune 500, large government agencies and organizations across the private and public sectors. Learn more at
Promoted Content
Five Steps to Building a Successful Vulnerability Management Program
Is your vulnerability management program struggling? Despite proven technology solutions and the best efforts of IT teams, unresolved vulnerabilities remain an ongoing source of friction and frustration in many organizations. Regardless of how many vulnerabilities are fixed, there will always be vulnerabilities that can’t easily be remediated – and too often, finger-pointing between IT teams and business groups can ensue.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play

Support Cybrary

Donate Here to Get This Month's Donor Badge

Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?