Skip to content

Littlericket/nbrisk

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

31 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Netbox Nbrisk

Netbox Plugin inspired in NIST 800-30 Risk Management

Compatibility

This plugin in compatible with NetBox 3.4.0 and later.

Installation

The plugin is available as a Python package and can be installed with pip. To ensure NBRisk plugin is automatically re-installed during future upgrades, create a file named local_requirements.txt (if not already existing) in the NetBox root directory (alongside requirements.txt) and list the NBRisk package:

For NetBox 3.4.x

# echo "NbRisk==34.*" >> local_requirements.txt 

For NetBox 3.5.0 to 3.5.7

# echo "NbRisk==35.0.*" >> local_requirements.txt 

For NetBox 3.5.8 or grater

# echo "NbRisk==35.1.*" >> local_requirements.txt 

Once installed, the plugin needs to be enabled in your configuration.py

# In your configuration.py
PLUGINS = ["nb_risk"]

First run

source /opt/netbox/venv/bin/activate

to enter the Python virtual environment.

Then run

cd /opt/netbox/netbox
pip install NbRisk
python3 manage.py migrate nb_risk

Configuration

To assign vulnerabilities to a specific model in NB Risk, you can add the following code to the PLUGINS_CONFIG section of your netbox/configuration.py file, using the additional_assets parameter:

PLUGINS_CONFIG = {
    'nb_risk': {
        'additional_assets': [
            'app_label.model_name',
        ],
    },
}

Replace app_label and model_name based in the model you want to add. For example, if you want to assign vulnerabilities to the platform model in the dcim app, you would use 'dcim.platform' as shown in the example below:

PLUGINS_CONFIG = {
    'nb_risk': {
        'additional_assets': [
            'dcim.platform',
        ],
    },
}

Note that you can specify multiple models by adding them to the additional_assets list.

Screenshots

Plugin Menu

image

Vulnerability View

image

Affected Assets

image

Device Vulnerabilities

image

Threat Event View

image

Risks View

image

About

NIST 800-30 Risk Management for Netbox

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 85.2%
  • HTML 12.4%
  • Makefile 1.4%
  • Dockerfile 1.0%