Stenobird

Episode

D2DO281: Faddom: Providing a Unified Source of Truth for Security and IT Operations (Sponsored)

Podcast
Day Two DevOps
Published
Sep 3, 2025
Duration seconds
2713
Processing state
processed
Canonical source
https://packetpushers.net/podcasts/day-two-devops/d2do281-faddom-providing-a-unified-source-of-truth-for-security-and-it-operations-sponsored/
Audio
https://feeds.packetpushers.net/link/20975/17135226/D2DO281.mp3
JSON
/v1/public/podcasts/day-two-devops/episodes/d2do281-faddom-providing-a-unified-source-of-truth-for-security-and-it-operations-sponsored
Markdown
/podcast/day-two-devops/d2do281-faddom-providing-a-unified-source-of-truth-for-security-and-it-operations-sponsored.md

Actions

  • POST https://stenobird.com/v1/public/podcasts/day-two-devops/episodes/d2do281-faddom-providing-a-unified-source-of-truth-for-security-and-it-operations-sponsored/transcription-requests
    Idempotently request low-priority transcript generation for this episode.
  • GET https://stenobird.com/podcast/day-two-devops/d2do281-faddom-providing-a-unified-source-of-truth-for-security-and-it-operations-sponsored.md
    Read the agent-friendly Markdown representation of this episode resource.

Summary

Faddom replaces unreliable, static CMDBs with real-time, runtime-based application dependency mapping. The platform provides a unified source of truth by observing actual network traffic to automate infrastructure inventory and security visibility.

Topics

  • Application Dependency Mapping
  • Infrastructure Inventory
  • CMDB
  • Network Security
  • Hybrid Cloud
  • Micro-segmentation
  • Kubernetes
  • IT Operations

Highlights

  • Main idea: Traditional CMDBs fail because they rely on static configurations rather than observing actual real-time network traffic
  • Practical takeaway: Use runtime-based discovery to identify undocumented dependencies and prevent accidental outages during maintenance or migrations
  • Failure mode: Relying on manual documentation or configuration files leads to 'shadow' infrastructure and unmanaged lateral movement risks
  • Security benefit: Proactive visibility enables effective micro-segmentation and the detection of anomalous lateral movement within applications
  • Deployment flexibility: Faddom operates as an on-premise solution to ensure sensitive customer data never leaves the local environment

Chapters

  1. 1:00 The Origin of Faddom: The founders discuss their transition from mapping software functions to mapping real-time server and infrastructure dependencies.
  2. 7:35 Visibility in Kubernetes and Cloud: Exploring the challenges of maintaining visibility within complex Kubernetes and hybrid cloud environments.
  3. 10:50 The Failure of Traditional CMDBs: Why heavyweight, data-heavy CMDBs struggle to support modern, dynamic services and why too much data can be a hindrance.
  4. 18:00 Privacy and On-Premise Deployment: A discussion on Faddom's architecture as an on-premise solution that keeps all discovery data within the customer's control.
  5. 21:30 Multi-Cloud and Hypervisor Support: Details on supporting VMware, Nutanix, AWS, Azure, and GCP, including lightweight agent options for managed environments.
  6. 24:40 Traffic as the Source of Truth: The importance of using actual network traffic—which 'doesn't lie'—to validate infrastructure maps and security policies.
  7. 28:05 Security, Micro-segmentation, and Anomaly Detection: How real-time mapping assists in implementing micro-segmentation and detecting lateral movement by attackers.