Converging Security and Network Operations: Vulnerability Management with Sol1’s GVM (OpenVAS) Integration for NetBox

We’re excited to share the work that our partner Sol1 has been doing. In this guest blog post, Dave Kempe, founder of Sol1, shares how the integrations they’re building are helping security and network teams collaborate smoothly and effectively.

As businesses scale, managing network vulnerabilities becomes increasingly critical. Security teams need to monitor and mitigate risks while network operations focus on maintaining infrastructure reliability. Ensuring smooth collaboration between these teams is essential to prevent security gaps from becoming costly problems. At Sol1, we’ve developed an integration between Greenbone Vulnerability Manager (GVM)  and NetBox to address this challenge, bringing security insights directly into the network management space.

The GVM integration with NetBox brings together vulnerability data with your network source of truth.

Enhancing Vulnerability Visibility with NetBox

Our integration allows GVM (formerly known as OpenVAS) to feed vulnerability data directly into NetBox, making it easier for both security and network teams to act on the latest security insights without switching between different tools. This automated process ensures that vulnerabilities are not only visible but also actionable within the network management platform that teams are already using.

Key features of the integration include:

  1. Seamless GVM Data Synchronization: The integration connects GVM directly to NetBox, automatically pulling in high-severity vulnerabilities from scans. These vulnerabilities are then linked to their associated IP addresses and devices within NetBox, giving your team immediate access to critical security information in a familiar environment and ensuring both security and network teams can leverage an aligned source of truth. As a result, network engineers can see vulnerability details linked to devices they manage, improving response times and reducing communication bottlenecks between teams.
  2. Vulnerability Tagging for IPs and Devices: High-severity vulnerabilities identified by GVM are automatically tagged in NetBox, not only at the IP address level but also on the parent device (coming soon). This tagging makes it easy for network engineers to see which devices are at risk and prioritize remediation accordingly. Only vulnerabilities marked as “High” severity are tagged, ensuring your team can focus on the most serious issues. Now, we take time and human error out of the equation in communicating between security and networking, ensuring critical vulnerabilities are always visible and up-to-date.
  3. Automatic Tag Removal: The integration will remove the “vulnerability” tag when a follow-up scan indicates that the device or IP is no longer vulnerable to high-severity issues. This ensures that NetBox always reflects the most current security status.
  4. Detailed Journal Entries: For each identified vulnerability, a journal entry is created on the associated IP address in NetBox, providing an audit trail that tracks the detection and resolution of vulnerabilities over time. This helps both security and network teams keep detailed records of vulnerabilities and remediation efforts. Journal entries are invaluable for compliance and security reviews.
  5. DNS Name and Prefix Management: The integration also updates missing DNS names for IP addresses based on GVM scan data and dynamically manages network prefixes in NetBox. This keeps your network infrastructure records up to date with the latest vulnerability scans.
Detailed journal entries capture full information about detected vulnerabilities, right in NetBox

Getting Started with GVM and Sol1

The GVM integration for NetBox is commercially available to Sol1 customers, and it’s easy to get up and running. GVM is included in Kali Linux and easy to use in other distributions, so it’s straightforward to spin up a virtual machine and begin scanning your network for vulnerabilities. The Sol1 team can then work with you to configure and deploy the GVM-NetBox integration, ensuring that your teams have the tools they need to manage security risks efficiently. Just get in touch with us via the Sol1 website, and we’d be happy to help!

About Sol1

Sol1 is a NetBox Labs Expert Partner, providing commercial support for this GVM integration with NetBox and many other NetBox integrations. With decades of experience in IT services, Sol1 specializes in network automation, security solutions, and custom integrations. By partnering with Sol1, you gain access to a team of experts dedicated to helping you secure and manage your infrastructure with ease.

Share the Post:

Related Posts