Nessus at 20: Why It’s More Than a Product to Me
In honor of the 20th anniversary of Nessus this year, we've been asking users around the world to answer the question, "I love Nessus because...." Here, Tenable's VP and Deputy CTO Glen Pendley does just that, sharing his experiences working with Nessus over the past two decades – and tells us how it delivered his first rock-star moment.
Editor's Note: This blog post was updated on Monday, October 1, to include a look at the new features introduced in Nessus 8.
Has your life ever been changed by a piece of software? As we celebrate the 20th anniversary of Nessus this year, I've come to realize how much it means to me, personally, to have been responsible for continuing the legacy of Nessus® creator Renaud Deraison– and how much of a role the product has played in the course of my own career.
Renaud (left) and Glen (right) at Tenable's Init Hackathon.
The early days of Nessus, the early days of cybersecurity
My first interaction with Nessus was in the late 1990s and early 2000s while I was in the United States Marine Corps. At the time, cybersecurity had started to really become a thing. These early interactions with Nessus pushed me to pursue a career in cybersecurity, rather than general software engineering. I clearly remember how my eyes were opened when I first started looking through the results of a Nessus scan. At that time, if you had a firewall at your perimeter and AV running on your machines, you believed you were “secure.” What I saw through Nessus not only introduced me to the ways someone could exploit a system, it also gave me a much better understanding of how a system functions.
A few years later, I was able to secure a position at Tenable where I ran engineering for SecurityCenter®. After my first two years at Tenable, I was given the opportunity to run our global engineering and security research organization. This, of course, included Nessus, which until that time was always under the direct guidance of Renaud. To say I felt a bit of pressure would be an understatement. That said, having someone like Renaud put the faith in me that he did is hands down one of the most impactful things to have happened to me. It gave me the confidence I needed to do the job.
Building something that matters to cybersecurity professionals
Minding Renaud’s baby wasn’t my only source of pressure at the time. Taking on responsibility for a product so widely beloved and used as Nessus was its own kind of pressure. The latter is the sort of pressure any engineer wants. For me, there is no bigger joy than knowing that what you are building is going to be used by so many people and that the feature you code or the plugin you write is making a real difference in how cybersecurity professionals work.
One of the most rewarding things about my role is having the opportunity to talk to many of our customers. I have traveled and spoken to customers all over the world, and almost every person I speak to tells me they love Nessus and shares an anecdote about how it has helped them. There are also plenty of examples of non-traditional interactions I have had. One of the coolest occurred a few years ago, during Tenable’s yearly engineer/security research offsite.
I showed up to the resort a day or so before the offsite to verify that all the technical infrastructure was in order. As I walked into the main ballroom, I was greeted by one of the IT folks for the resort. We covered a few housekeeping items. As we were wrapping up, he asked me, “Are you the Nessus guys?” Of course, I replied yes. His face lit up at my response and he quickly left the room, saying he would be right back. After about five minutes, he came back into the room with the resort’s entire 12-person IT staff. They had all stopped what they were doing, so they could come and meet the “Nessus guys.”
Nessus – “It just works”
This experience was the closest thing to a rock-star moment I’ve ever had. I spent a good 30 minutes sitting there and talking to them. They were all so legitimately excited to talk to us. All of them had used Nessus – and not only in their current job, but at every one of their previous employers as well. A few had learned how to use Nessus in school. Nessus was their introduction into cybersecurity. I relayed how Nessus was a big part of my early push into cybersecurity as well. Their feelings toward Nessus were similar to many others I have spoken to. When asked why they like Nessus so much, they answered, “It just works.” There is no better feeling for an engineer than hearing those words.
This is why I love doing what I do. To know so many people out there genuinely love your product is an amazing feeling. To know that it truly reinforces an organization’s security posture is rewarding. There are times when I sit back and look at how fortunate I am. I will always be grateful to Renaud for giving me the opportunity to lead and manage Nessus, which remains as impactful to me now as it was 18 years ago.
Learn more about Nessus
Here's a look at new features we're introducing with Nessus 8:
Cybersecurity News You Can Use
Enter your email and never miss timely alerts and security guidance from the experts at Tenable.