Zabbix Threat Control Featured Popular
Оur plugin transforms your Zabbix monitoring system into vulnerability, risk and security management system for your infrastructuru using Vulners API.
What the plugin does
It provides Zabbix with information about vulnerabilities existing in your entire infrastructure and suggests easily applicable remediation plans.
Information is displayed in Zabbix in the following format:
- Maximum CVSS score for each server.
- Command for fixing all detected vulnerabilities for each server.
- List of security bulletins with descriptions for vulnerable packages valid for your infrastructure.
- List of all vulnerable packages in your infrastructure.
Security bulletins and packages information includes:
- Impact index for the infrastructure.
- CVSS score of a package or a bulletin.
- Number of affected servers.
- A detailed list of affected hosts.
- Hyperlink to the description of a bulletin.
Sometimes it is impossible to update all packages on all servers to a version that fixes existing vulnerabilities. The proposed representation permits you to selectively update servers or packages.
This approach allows one to fix vulnerabilities using different strategies:
- all vulnerabilities on a specific server;
- a single vulnerability in the entire infrastructure.
This can be done directly from Zabbix (using its standard functionality) either on the administrator command or automatically.
How the plugin works
- Using Zabbix API, the plugin receives lists of installed packages, names and versions of the OS from all the servers in the infrastructure (if the "Vulners OS-Report" template is linked with them).
- Transmits the data to Vulners
- Receives information on the vulnerabilities for each server.
- Processes the received information, aggregates it and sends it back to Zabbix via zabbix-sender.
- Finally the result is displayed in Zabbix.
Requirements
- python 3 (only for ztc scripts)
- python modules: pyzabbix, jpath, requests
- zabbix version 3.4 is required to create a custom dashboard.
- zabbix-agent for collect data and run scripts.
- zabbix-sender utility for sending data to zabbix-server.