Zabbix Share

Zabbix templates, modules & more
Log in
Choose social to login:
Login With Google
Login With Github

Nav view search

Navigation

Advanced Search
  • Applications
    • 1C
    • Anti-Virus
    • Backup
    • Bug and issue tracking
    • Cluster
    • Clustered File Systems
    • DNS
    • Excel Export
    • Firewall
    • HelpDesk System
    • High Availability (HA)
    • Java Application
    • Mail servers
    • Misc
    • Monitoring System
    • NFS
    • NTP
    • Others
    • Pi-Hole
    • Process Managers
    • Queue managers
    • Security
    • SIEM
    • Skype
    • Ticketing System
    • Time synchronization
    • TV Broadcasting
    • Web-servers
  • Cloud
  • Databases
  • Network Appliances
  • Network Devices
  • Official Templates
  • Operating Systems
  • Power (UPS)
  • Printers
  • SCADA, IoT, Energy, Home Automation, Industrial monitoring
  • Server Hardware
  • Storage Devices
  • Telephony
  • Unsorted
  • Virtualization
  • Zabbix
  • Recently Added
  • Recently Updated
  • Popular
  • Most Rated
  • Top Rated
  • Most Reviewed

Zabbix Threat Control Featured Popular

  • 462.png

Оur plugin transforms your Zabbix monitoring system into vulnerability, risk and security management system for your infrastructuru using Vulners API.

What the plugin does

It provides Zabbix with information about vulnerabilities existing in your entire infrastructure and suggests easily applicable remediation plans.

Information is displayed in Zabbix in the following format: 

  • Maximum CVSS score for each server.
  • Command for fixing all detected vulnerabilities for each server.
  • List of security bulletins with descriptions for vulnerable packages valid for your infrastructure.
  • List of all vulnerable packages in your infrastructure.

Security bulletins and packages information includes:

  • Impact index for the infrastructure.
  • CVSS score of a package or a bulletin.
  • Number of affected servers.
  • A detailed list of affected hosts.
  • Hyperlink to the description of a bulletin.

Sometimes it is impossible to update all packages on all servers to a version that fixes existing vulnerabilities. The proposed representation permits you to selectively update servers or packages.

This approach allows one to fix vulnerabilities using different strategies:

  • all vulnerabilities on a specific server;
  • a single vulnerability in the entire infrastructure.

This can be done directly from Zabbix (using its standard functionality) either on the administrator command or automatically.

How the plugin works

  • Using Zabbix API, the plugin receives lists of installed packages, names and versions of the OS from all the servers in the infrastructure (if the "Vulners OS-Report" template is linked with them).
  • Transmits the data to Vulners
  • Receives information on the vulnerabilities for each server.
  • Processes the received information, aggregates it and sends it back to Zabbix via zabbix-sender.
  • Finally the result is displayed in Zabbix.

Requirements

  • python 3 (only for ztc scripts)
  • python modules: pyzabbix, jpath, requests
  • zabbix version 3.4 is required to create a custom dashboard.
  • zabbix-agent for collect data and run scripts.
  • zabbix-sender utility for sending data to zabbix-server.

 

Read the installation manual at our GitHub page

Rating
502
2 votes

Listing Details

Type
Module
Min Zabbix version
3.4.x
Features
  • Zabbix Agent
  • Custom Script
  • Other
Link
github.com/vulnersCom/zabbix-threat-control
Created
2018-06-18
Modified
2018-10-01 20:27:07
Tags
security, patch management, vulnerability, vulnerability assessment, vulners, sc
Author
Nikolay Samosvat [Vulners Team]
Owner
Vulners Team
RecommendReportOwner's listing
All resources created by third parties; use at your own risk
© 2001-2018 by Zabbix SIA. All rights reserved. Trademark Policy · Contact us