Thoughts on integrating a network vulnerability scanner #15851
Replies: 1 comment 1 reply
-
|
I'm not sure if this should be integrated into NetBox. A vulnerability scanner has a wide range of permissions in firewalls etc. and I hesitate to give the NetBox server these permissions as well. For the same reasons, I personally prefer not to give push access to such a security scanner. However, I think the IPAM data can certainly be retrieved from an external system via the NetBox API. Users could then find the same structure in the scanner as in NetBox, so navigation would remain easy and familiar. |
Beta Was this translation helpful? Give feedback.
-
|
That's a fair assessment. Perhaps it would be better to make a plugin that integrates with a separate vulnerability scanner running on a different system/container. Then the plugin would push and pull data from NetBox and the scanner. For example, there could be a tab on a device, like a server or switch, that has a list of discovered vulnerabilities that the scanner found. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Has anyone considered implementing/integrating a network vulnerability scanner into Netbox? I was thinking of a theoretical plugin that would get all of the devices with an IP assigned to an interface and use Nmap, OpenVAS, or another tool to scan the device. The results could then be reported back in NetBox on a per-device basis.
Any suggestions or feedback is much appreciated!
Beta Was this translation helpful? Give feedback.
All reactions