secreci.com

Create a Software Bill of Materials (SBOM)

A Software Bill of Materials (SBOM) is, strictly speaking, a list of the components that make up a piece of software; this page uses the term more loosely for a list of all software installed on a computer. Either way, such an inventory is extremely useful for quickly identifying which servers are affected when a vulnerability is disclosed, as happened this week with the Log4Shell vulnerability, CVE-2021-44228 in Apache Log4j.

An SBOM should be created for every computer on the network and updated regularly, in particular whenever a change that affects the installed software is made; an inventory that is out of date gives false confidence during an incident.

Windows

From an administrator command prompt, run the following command:

wmic /OUTPUT:SBOM.txt product list BRIEF /format:csv

Two caveats: the Win32_Product class behind wmic product only knows about software installed through Windows Installer (MSI), so anything installed by other means is missing, and querying it makes Windows Installer run a consistency check on every MSI product on the machine, which is slow and writes reconfiguration events to the Application event log. wmic is also deprecated in current Windows 10 and 11 builds. A fuller and faster inventory comes from the Uninstall registry keys (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its WOW6432Node counterpart), which PowerShell can read with Get-ItemProperty. Note also that wmic writes its output file as UTF-16, which matters when the file is parsed later.

Linux

Different flavours of Linux have different package managers, so one of the following commands should work (dpkg on Debian and Ubuntu, rpm on Red Hat, Fedora and SUSE):

dpkg --list > SBOM.txt
rpm -qa > SBOM.txt

In dpkg output, only lines whose status column reads ii are actually installed; rc means the package was removed but its configuration files remain. Neither command sees software installed outside the package manager, such as language-specific packages from pip or npm, tarballs unpacked into /opt, or libraries bundled inside application directories, which is exactly where a copy of Log4j tends to live.

macOS

On a Mac the process is more manual, although the same list can be exported from the command line with the system_profiler tool (its SPApplicationsDataType report), which is easier to automate.

  1. Click the Apple icon in the menu bar of the Finder
  2. Choose 'About this Mac'
  3. Click the 'System Report...' button
  4. Choose 'Applications' under Software in the left panel
  5. Click one of the applications in the top-right panel, then press Command+A to select all applications
  6. Click the details in the lower panel, and press Command+A to select all details
  7. Press Command+C to copy the text
  8. Paste the text into a text file and save.

These SBOMs should be stored securely, with the hostname and collection date noted in the filename, and queried to check which assets have vulnerable software. Bear in mind what an OS-level inventory cannot see: a library such as Log4j is normally shipped inside an application's own JAR or WAR files rather than installed as an OS package, so for Log4Shell the inventory finds only the distribution-packaged copies. Closing that gap needs a filesystem search for log4j-core JARs on each host, or a true per-application SBOM from the vendor.

I may work on a script to ingest the files and store them in a database.
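As an added example (not the author's script, and not code from the original page), here is a minimal Python ingester that parses the three inventory formats produced above (dpkg --list, rpm -qa, and wmic CSV), loads them into a SQLite database keyed by hostname, and answers the question the page poses: which hosts carry a version of a package below the fixed one? The sample inventories, host names and product GUIDs are constructed; 2.15.0 is the Log4j release that fixed CVE-2021-44228. The version comparison is a deliberate approximation of the dpkg and rpm rules, good enough for triage but not for a final verdict.

```python
"""Ingest per-host software inventories and query them for a vulnerable package."""
import csv
import re
import sqlite3

# Constructed sample inventories (not real hosts). A real run would read the
# SBOM.txt files from disk, taking the host from the filename.
DPKG_SAMPLE = """\
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name                  Version        Architecture Description
+++-=====================-==============-============-=========================
ii  liblog4j2-java        2.11.2-1       all          Apache Log4j 2 logging library
rc  libssl1.0.0:amd64     1.0.2u-1       amd64        SSL shared libraries (removed)
ii  openssl               1.1.1k-1       amd64        Secure Sockets Layer toolkit
"""

RPM_SAMPLE = """\
log4j-2.13.3-1.el8.noarch
openssl-libs-1.1.1k-5.el8.x86_64
bash-4.4.20-2.el8.x86_64
"""

# wmic emits a blank first line and prepends a Node column. A real wmic
# output file is UTF-16: open(path, encoding="utf-16"). GUIDs are placeholders.
WMIC_SAMPLE = """
Node,IdentifyingNumber,Name,Vendor,Version
WIN01,{00000000-0000-0000-0000-000000000001},Java 8 Update 301 (64-bit),Oracle Corporation,8.0.3010.9
WIN01,{00000000-0000-0000-0000-000000000002},7-Zip 19.00 (x64 edition),Igor Pavlov,19.00.00.0
"""

SCHEMA = """
CREATE TABLE IF NOT EXISTS packages (
    host TEXT NOT NULL, source TEXT NOT NULL,
    name TEXT NOT NULL, version TEXT NOT NULL);
CREATE INDEX IF NOT EXISTS idx_packages_name ON packages(name);
"""


def parse_dpkg(text):
    """Return (name, version) for installed packages only (status column 'ii')."""
    pkgs = []
    for line in text.splitlines():
        m = re.match(r"ii\s+(\S+)\s+(\S+)", line)
        if m:
            # Drop the ':amd64'-style architecture qualifier from the name.
            pkgs.append((m.group(1).split(":")[0], m.group(2)))
    return pkgs


def parse_rpm(text):
    """Split 'name-version-release.arch' lines into (name, 'version-release')."""
    pkgs = []
    for line in text.splitlines():
        parts = line.strip().rsplit("-", 2)
        if len(parts) != 3:
            continue  # blank or malformed line
        name, version, rel_arch = parts
        release = rel_arch.rsplit(".", 1)[0] if "." in rel_arch else rel_arch
        pkgs.append((name, f"{version}-{release}"))
    return pkgs


def parse_wmic_csv(text):
    """Parse wmic /format:csv output by column name rather than position."""
    rows = csv.DictReader(l for l in text.splitlines() if l.strip())
    return [(r["Name"].strip(), r["Version"].strip()) for r in rows if r.get("Name")]


def version_key(version):
    """Approximate ordering: compare runs of digits numerically. Epochs and
    '~' pre-release markers are ignored, so confirm hits with
    dpkg --compare-versions or rpmdev-vercmp before acting on them."""
    return tuple(int(n) for n in re.findall(r"\d+", version))


def open_db(path=":memory:"):
    conn = sqlite3.connect(path)
    conn.executescript(SCHEMA)
    return conn


def load_inventory(conn, host, source, packages):
    conn.executemany("INSERT INTO packages VALUES (?, ?, ?, ?)",
                     [(host, source, n, v) for n, v in packages])
    conn.commit()


def find_vulnerable(conn, name_pattern, fixed_version):
    """(host, name, version) rows matching the SQL LIKE pattern below fixed_version."""
    rows = conn.execute("SELECT host, name, version FROM packages WHERE name LIKE ?",
                        (name_pattern,)).fetchall()
    return [(h, n, v) for h, n, v in rows
            if version_key(v) < version_key(fixed_version)]


def build_demo_db():
    conn = open_db()
    load_inventory(conn, "web01", "dpkg", parse_dpkg(DPKG_SAMPLE))
    load_inventory(conn, "db01", "rpm", parse_rpm(RPM_SAMPLE))
    load_inventory(conn, "win01", "wmic", parse_wmic_csv(WMIC_SAMPLE))
    return conn


if __name__ == "__main__":
    db = build_demo_db()
    # CVE-2021-44228 is fixed in Log4j 2.15.0.
    for host, name, version in find_vulnerable(db, "%log4j%", "2.15.0"):
        print(f"{host}: {name} {version} is below 2.15.0")
```

Run against real files, the host would come from the filename and the source from which command produced it; the one query then covers the whole fleet, which is the point of collecting the inventories centrally.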
