Paloalto

Nexpose -> Palo Alto integration Gem.

With this Gem an integration between Nexpose Dynamic Asset Groups and Palo Alto's PAN TAGs. By using this integration, dynamic asset groups could be setup in Nexpose that correspond to groups in PAN with applicable policies.

For example:

Create a DAG in Nexpose which affects a particular vulnerability (Heartbleed).
Define a policy in PAN to block SSL (mitigates temporarily Heartbleed).
Run this Gem with the Hearbleed DAG in the configuration.
All assets identified by Nexpose will be registered in PAN.
Apply PAN Heartbleed Policy on the created group.

Installation

Add this line to your application's Gemfile:

gem 'paloalto'

And then execute:

$ bundle

Or install it yourself as:

$ gem install paloalto

Usage

Follow these steps once installed:

Modify the file nexpose_paloalto.rb under the bin folder, and add the DAGs to report on.
Add the following Environment variables, with your respective information:

NEXPOSE_URL

NEXPOSE_USERNAME

NEXPOSE_PASSWORD

PAN_URL

PAN_USERNAME

PAN_PASSWORD

For Linux systems, make sure they are added to the current environment where the gem is run.

For Windows systems, make sure they are on the Environment Variables section in your Control Panel.

Run the command 'nexpose_paloalto' under the bin folder.
(Optional) Review the log file under the logs folder in the Gem path.

For any support requests, please email [email protected] with a description of the issue and any logs available.