Gotterblick is a simple vulnerability management tool that allows you to easily manage the vulnerabilities found in your company. In addition, you can perform risk assessments for each vulnerability. To calculate the risk level, we base our method on the OWASP Risk Assessment System. This project was created for small companies that do not have a defined security structure and do not require a large tool for simple management.
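The scoring below is an added example, not Gotterblick's own code. It assumes the method referred to above is the OWASP Risk Rating Methodology (sixteen factors scored 0 to 9, averaged into likelihood and impact, then combined in a severity matrix); all function and variable names are hypothetical.

```python
from statistics import mean

# Factor names follow the OWASP Risk Rating Methodology; each is scored 0-9.
LIKELIHOOD = ("skill_level", "motive", "opportunity", "size",        # threat agent
              "ease_of_discovery", "ease_of_exploit", "awareness",   # vulnerability
              "intrusion_detection")
TECHNICAL = ("confidentiality", "integrity", "availability", "accountability")
BUSINESS = ("financial", "reputation", "non_compliance", "privacy")

# Overall severity, looked up as SEVERITY[impact level][likelihood level].
SEVERITY = {
    "LOW":    {"LOW": "Note",   "MEDIUM": "Low",    "HIGH": "Medium"},
    "MEDIUM": {"LOW": "Low",    "MEDIUM": "Medium", "HIGH": "High"},
    "HIGH":   {"LOW": "Medium", "MEDIUM": "High",   "HIGH": "Critical"},
}


def average(scores, names):
    """Average the named factors, rejecting missing or out-of-range scores."""
    missing = [n for n in names if n not in scores]
    if missing:
        raise ValueError(f"missing factors: {missing}")
    values = [scores[n] for n in names]
    if any(not 0 <= v <= 9 for v in values):
        raise ValueError("each factor must be scored from 0 to 9")
    return mean(values)


def level(score):
    """OWASP bands: below 3 is LOW, below 6 is MEDIUM, 6 to 9 is HIGH."""
    return "LOW" if score < 3 else "MEDIUM" if score < 6 else "HIGH"


def assess(likelihood, technical, business=None):
    """Return (likelihood score, impact score, overall severity)."""
    l_score = average(likelihood, LIKELIHOOD)
    # OWASP uses business impact when it is known, technical impact otherwise.
    known = business is not None
    i_score = average(business, BUSINESS) if known else average(technical, TECHNICAL)
    return l_score, i_score, SEVERITY[level(i_score)][level(l_score)]


# Constructed sample scores for one finding (not data from Gotterblick).
SAMPLE_LIKELIHOOD = dict(skill_level=6, motive=4, opportunity=7, size=6,
                         ease_of_discovery=7, ease_of_exploit=5, awareness=6,
                         intrusion_detection=3)
SAMPLE_TECHNICAL = dict(confidentiality=7, integrity=7, availability=5, accountability=9)
SAMPLE_BUSINESS = dict(financial=1, reputation=4, non_compliance=2, privacy=3)
```

With the sample scores, the same finding rates differently depending on whether business impact is known, which is why the methodology asks for it when available.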
Install the dependencies with Pipenv:
pipenv install --dev
pipenv shell
cd gotterblick/
Apply the database migrations:
./manage.py migrate
Start the application:
./manage.py gotterblick_run
Instead of loading data one by one in Gotterblick Admin, you can import data with the following commands (in JSON format):
./manage.py gotterblick_import_asset_types FILE
./manage.py gotterblick_import_assets FILE
./manage.py gotterblick_import_cwes FILE
./manage.py gotterblick_import_statuses FILE
./manage.py gotterblick_import_users FILE
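./manage.py gotterblick_import_vulnerabilities FILE
You can check these examples here.
You must create a superuser account. The exported password stays in the shell's environment (and in shell history if typed inline), so unset the variables once the account has been created: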
export DJANGO_SUPERUSER_USERNAME=<username>
export DJANGO_SUPERUSER_EMAIL=<email>
export DJANGO_SUPERUSER_PASSWORD=<password>
./manage.py createsuperuser --noinput