Netbox Nbrisk
Netbox Plugin inspired in NIST 800-30 Risk Management
Compatibility
This plugin in compatible with NetBox 3.4.0 and later.
Installation
The plugin is available as a Python package and can be installed with pip. To ensure NBRisk plugin is automatically re-installed during future upgrades, create a file named local_requirements.txt (if not already existing) in the NetBox root directory (alongside requirements.txt) and list the NBRisk package:
For NetBox 3.4.x
# echo "NbRisk==34.*" >> local_requirements.txt For NetBox 3.5.0 to 3.5.7
# echo "NbRisk==35.0.*" >> local_requirements.txt For NetBox 3.5.8 to 3.7.x
# echo "NbRisk==35.1.*" >> local_requirements.txt For NetBox 4.0.0 or grater
# echo "NbRisk==40.0.*" >> local_requirements.txt Before installing NBRisk make sure your NetBox instance is already installed with all migrations executed. With your NetBox fully installed, install the plugin with pip and enable it in your configuration.py
# In your configuration.py
PLUGINS = ["nb_risk"]First run
source /opt/netbox/venv/bin/activateto enter the Python virtual environment.
Then run
cd /opt/netbox/netbox
pip install NbRisk
python3 manage.py migrate nb_riskConfiguration
To assign vulnerabilities to a specific model in NB Risk, you can add the following code to the PLUGINS_CONFIG section of your netbox/configuration.py file, using the additional_assets parameter:
PLUGINS_CONFIG = {
'nb_risk': {
'additional_assets': [
'app_label.model_name',
],
},
}Replace app_label and model_name based in the model you want to add. For example, if you want to assign vulnerabilities to the platform model in the dcim app, you would use 'dcim.platform' as shown in the example below:
PLUGINS_CONFIG = {
'nb_risk': {
'additional_assets': [
'dcim.platform',
],
},
}Note that you can specify multiple models by adding them to the additional_assets list.
Screenshots
Plugin Menu
Vulnerability View
Affected Assets
Device Vulnerabilities
Threat Event View
Risks View
