Shawna McAlearney of SearchSecurity.com writes about why Nessus [is] no longer free.

“Vendors relying on Open Source Nessus won’t automatically get free, timely “plugin” programs after project managers of the popular vulnerability scanner announced a new feed structure that provides the most recent releases for a fee. The move comes after Nessus managers decided too many commercial users contributed nothing to the collaborative program.

“Though no company names were mentioned by Nessus leaders during their recent announcement, the popular vulnerability scanner reportedly is used in many commercial security products and services. A quick Internet search indicated some of those security vendors include StillSecure, VeriSign, IBM Global Services, Counterpane Internet Security, Symantec, AcuNett, ScannerX, and rackAID, among others.

“‘We hit all the MSSPs and vendors that use Nessus and made sure they knew about the recent announcements. I got [responses that ranged from] looks of disbelief to veiled threats in some cases,’ said Ron Gula, a Nessus project manager and president and CTO at Tenable Network Security, which also manages the Nessus project. ‘The vendors who were using Nessus and not contributing anything to it were not happy.’”

[Continue reading Nessus No Longer Free]