I would like to suggest to include the early version of openVAS in BT3 (of course only if it does not delay the release :-).
"OpenVAS stands for Open Vulnerability Assessment System and is a network security scanner with associated tools like a graphical user fontend. The core is a server component with a set of network vulnerability tests (NVTs) to detect security problems in remote systems and applications.
OpenVAS products are Free Software under GNU GPL and a fork of Nessus 2.2"
I think this would be a real killer feature for the professional use of your CD.