From SBOMs to IBOMs - Know What's Happening in Your Clusters

2023-04-19

Authors: Ido Neeman

Summary

Importance of IBOM and Cloud Native CMDB in Cloud Infrastructure Management
  • IBOM is important for compliance and professional implications
  • Legacy IT had a detailed CMDB for on-prem data centers
  • Cloud infrastructure is more complex and changes faster
  • Cloud Native CMDB is needed to control and see everything in the infrastructure
  • Drifts are key to eliminating deviations from desired state
The speaker shared an anecdote about a company that had an entire environment up and running for three years after a software engineer left the company. The company assumed that when the HR management SaaS solution marked this employee as a non-employee, everything would be taken down, but it did not tear down the cloud infrastructure. This led to a significant security weakness and more than 100K in unneeded expenses.

Abstract

The acronym SBOM (AKA Software Bill of Materials) has become a household term in the wake of the many software supply chain attacks we've witnessed recently - from SolarWinds and Log4j to CodeCov and many others. While much effort and research has gone into tooling and building SBOMs, very little has been done on the infrastructure side. In this talk I'd like to dive into why an IBOM (infrastructure bill of materials) is equally important, since cloud native infrastructure is ultimately software defined and driven, and how no SBOM is complete without a full inventory of your infrastructure stacks. We'll walk through the tools that will enable you to get an equivalent understanding of what is happening in your cloud native infrastructure, including which assets, packages and applications are running where - and how this is all only possible with end-to-end codification. We'll review why this matters from a security perspective - from your service dependencies, to IAM roles, security groups, and even misconfigurations - to ensure your infrastructure is properly provisioned and continuously monitored. We'll wrap up with how to leverage your IBOM not only for cost optimization, but also for removing cloud clutter, to reduce your potential attack surface.
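The drift check from the summary bullets and the inventory the abstract describes (assets, IAM roles, security groups, misconfigurations), as an added example that is not code from the talk or the speaker: it diffs a codified desired state against a live snapshot and also flags resources whose owner is no longer an active employee, the orphaned-environment case from the anecdote. All resource ids, owners and attributes are constructed sample data.

```python
"""Added example (not from the talk): a minimal IBOM drift check.

Compares a codified desired state (what IaC says should exist) with a
constructed snapshot of live resources and reports:
  * unmanaged: live but not codified (clutter, possible leftover)
  * missing:   codified but not live (failed or reverted provisioning)
  * attr_drift: attributes widened outside IaC (e.g. a console edit)
  * orphaned:  owner tag no longer an active employee
"""
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Resource:
    rid: str        # unique id, constructed sample values below
    kind: str       # "security_group", "iam_role", "k8s_cluster", ...
    owner: str      # owner tag (constructed usernames)
    attrs: frozenset = field(default_factory=frozenset)  # (key, value) pairs

# Desired state as codified in IaC (constructed sample).
DESIRED = {
    Resource("sg-web", "security_group", "alice", frozenset({("ingress", "10.0.0.0/8:443")})),
    Resource("role-ci", "iam_role", "bob", frozenset({("policy", "ReadOnly")})),
}

# Live inventory as returned by the cloud API (constructed sample):
# sg-web was opened to the world by hand, eks-lab was never codified.
LIVE = {
    Resource("sg-web", "security_group", "alice", frozenset({("ingress", "0.0.0.0/0:443")})),
    Resource("role-ci", "iam_role", "bob", frozenset({("policy", "ReadOnly")})),
    Resource("eks-lab", "k8s_cluster", "carol", frozenset({("version", "1.24")})),
}

ACTIVE_EMPLOYEES = {"alice", "bob"}   # carol has left the company (constructed)

def ibom_drift(desired, live, active):
    """Return a drift report keyed by drift class; every value is sorted for stable output."""
    d = {r.rid: r for r in desired}
    l = {r.rid: r for r in live}
    both = set(d) & set(l)
    return {
        "unmanaged": sorted(set(l) - set(d)),
        "missing": sorted(set(d) - set(l)),
        # attribute pairs present live but absent from the codified definition
        "attr_drift": {rid: sorted(l[rid].attrs - d[rid].attrs)
                       for rid in both if l[rid].attrs != d[rid].attrs},
        "orphaned": sorted(r.rid for r in live if r.owner not in active),
    }

if __name__ == "__main__":
    for drift_class, items in ibom_drift(DESIRED, LIVE, ACTIVE_EMPLOYEES).items():
        print(f"{drift_class}: {items}")
```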

Materials: