Netbox Plugin inspired in NIST 800-30 Risk Management
This plugin in compatible with NetBox 3.4.0 and later.
The plugin is available as a Python package and can be installed with pip. To ensure NBRisk plugin is automatically re-installed during future upgrades, create a file named local_requirements.txt (if not already existing) in the NetBox root directory (alongside requirements.txt) and list the NBRisk package:
# echo "NbRisk==34.*" >> local_requirements.txt
# echo "NbRisk==35.0.*" >> local_requirements.txt
# echo "NbRisk==35.1.*" >> local_requirements.txt
# echo "NbRisk==40.0.*" >> local_requirements.txt
# echo "NbRisk==41.0.*" >> local_requirements.txt
Before installing NBRisk make sure your NetBox instance is already installed with all migrations executed. With your NetBox fully installed, install the plugin with pip and enable it in your configuration.py
# In your configuration.py
PLUGINS = ["nb_risk"]
First run
source /opt/netbox/venv/bin/activate
to enter the Python virtual environment.
Then run
cd /opt/netbox/netbox
pip install NbRisk
python3 manage.py migrate nb_risk
To assign vulnerabilities to a specific model in NB Risk, you can add the following code to the PLUGINS_CONFIG
section of your netbox/configuration.py
file, using the additional_assets
parameter:
PLUGINS_CONFIG = {
'nb_risk': {
'additional_assets': [
'app_label.model_name',
],
},
}
Replace app_label
and model_name
based in the model you want to add. For example, if you want to assign vulnerabilities to the platform model in the dcim app, you would use 'dcim.platform' as shown in the example below:
PLUGINS_CONFIG = {
'nb_risk': {
'additional_assets': [
'dcim.platform',
],
},
}
Note that you can specify multiple models by adding them to the additional_assets
list.