Skip to content

renatoalmeidaoliveira/nbrisk

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

43 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Netbox Nbrisk

Netbox Plugin inspired in NIST 800-30 Risk Management

Compatibility

This plugin in compatible with NetBox 3.4.0 and later.

Installation

The plugin is available as a Python package and can be installed with pip. To ensure NBRisk plugin is automatically re-installed during future upgrades, create a file named local_requirements.txt (if not already existing) in the NetBox root directory (alongside requirements.txt) and list the NBRisk package:

For NetBox 3.4.x

# echo "NbRisk==34.*" >> local_requirements.txt 

For NetBox 3.5.0 to 3.5.7

# echo "NbRisk==35.0.*" >> local_requirements.txt 

For NetBox 3.5.8 to 3.7.x

# echo "NbRisk==35.1.*" >> local_requirements.txt 

For NetBox 4.0.0 or grater

# echo "NbRisk==40.0.*" >> local_requirements.txt 

For NetBox 4.1.0 or grater

# echo "NbRisk==41.0.*" >> local_requirements.txt 

Before installing NBRisk make sure your NetBox instance is already installed with all migrations executed. With your NetBox fully installed, install the plugin with pip and enable it in your configuration.py

# In your configuration.py
PLUGINS = ["nb_risk"]

First run

source /opt/netbox/venv/bin/activate

to enter the Python virtual environment.

Then run

cd /opt/netbox/netbox
pip install NbRisk
python3 manage.py migrate nb_risk

Configuration

To assign vulnerabilities to a specific model in NB Risk, you can add the following code to the PLUGINS_CONFIG section of your netbox/configuration.py file, using the additional_assets parameter:

PLUGINS_CONFIG = {
    'nb_risk': {
        'additional_assets': [
            'app_label.model_name',
        ],
    },
}

Replace app_label and model_name based in the model you want to add. For example, if you want to assign vulnerabilities to the platform model in the dcim app, you would use 'dcim.platform' as shown in the example below:

PLUGINS_CONFIG = {
    'nb_risk': {
        'additional_assets': [
            'dcim.platform',
        ],
    },
}

Note that you can specify multiple models by adding them to the additional_assets list.

Screenshots

Plugin Menu

image

Vulnerability View

image

Affected Assets

image

Device Vulnerabilities

image

Threat Event View

image

Risks View

image