Create a Software Bill of Materials (SBOM)
A Software Bill of Materials (SBOM) is a list of all software installed on a computer. This is extremely useful to quickly identify servers affected by a vulnerability when it is discovered, as happened this week with the Log4Shell CVE-2021-44228 vulnerability.
A SBOM should be created for all computers on the network, and should be updated regularly, especially when a change that affects installed software is implemented.
From an administrator command prompt, run the following command:
wmic /OUTPUT:SBOM.txt product list BRIEF /format:csv
Different flavours of Linux have different tools to list installed software.
One of the following commands should work:
dpkg --list > SBOM.txt
rpm -qa > SBOM.txt
On a Mac, the process is more manual.
- Click the Apple icon in the menu bar of the Finder
- Choose 'About this Mac'
- Click the 'System Report...' button
- Choose 'Applications' under Software in the left panel
- Click one of the applications in the top-right panel, then press Command+A to select all applications
- Click the details in the lower panel, and press Command+A to select all details
- Press Command+C to copy the text
- Paste the text into a text file and save.
These SBOMs should be stored securely, with the hostname noted in the filename, and queried to check which assets have vulnerable software.
I may work on a script to ingest the files and store them in a database.