Nessus is an open source, complete, cross-platform vulnerability scanner with command-line and GUI. It is one of the most common vulnerability assessment tools currently in use. While you can download your copy of Nessus from tenable security website, the update process changed several years ago.
The developers of Nessus have structured the program so that real-time plug-in updates need a fee. The purpose is that those who pay a fee will get real-time plug-in updates, whereas those who register will receive updates that are old. There is also still a feed that is available to the people. This option makes plug-ins available that have been written by the general public.
The idea of Nessus was first developed in the late 1990s by Renaud Deraison. Nessus was considered as an open source application that would provide fast updates by community members who could develop their own plug-ins for their use or that of the community. Nessus is a must-have tool for anyone developing a network security lab. Just think the other commercial offerings that use Nessus as an element of their product: IBM, VeriSign, Symantec, and ScannerX are just a few of them. Other developers currently use or have used Nessus as a part of a commercial product they offer.
Nessus is very good for finding a platform and network device vulnerabilities (such as missing patches and misconfigurations). It is updated regularly and best of all it is free (even the paid license is cheap when compared to other products).