# D2DO281: Faddom: Providing a Unified Source of Truth for Security and IT Operations (Sponsored) Page: https://stenobird.com/podcast/day-two-devops/d2do281-faddom-providing-a-unified-source-of-truth-for-security-and-it-operations-sponsored Text version: https://stenobird.com/podcast/day-two-devops/d2do281-faddom-providing-a-unified-source-of-truth-for-security-and-it-operations-sponsored.md Podcast: [Day Two DevOps](https://stenobird.com/podcast/day-two-devops) Published: 2025-09-03T14:04:34+00:00 Episode link: https://packetpushers.net/podcasts/day-two-devops/d2do281-faddom-providing-a-unified-source-of-truth-for-security-and-it-operations-sponsored/ Audio file: https://feeds.packetpushers.net/link/20975/17135226/D2DO281.mp3 Processing state: processed JSON: https://stenobird.com/v1/public/podcasts/day-two-devops/episodes/d2do281-faddom-providing-a-unified-source-of-truth-for-security-and-it-operations-sponsored Duration seconds: 2713 ## Resource Faddom replaces unreliable, static CMDBs with real-time, runtime-based application dependency mapping. The platform provides a unified source of truth by observing actual network traffic to automate infrastructure inventory and security visibility. ## Highlights - Main idea: Traditional CMDBs fail because they rely on static configurations rather than observing actual real-time network traffic - Practical takeaway: Use runtime-based discovery to identify undocumented dependencies and prevent accidental outages during maintenance or migrations - Failure mode: Relying on manual documentation or configuration files leads to 'shadow' infrastructure and unmanaged lateral movement risks - Security benefit: Proactive visibility enables effective micro-segmentation and the detection of anomalous lateral movement within applications - Deployment flexibility: Faddom operates as an on-premise solution to ensure sensitive customer data never leaves the local environment ## Topics Application Dependency Mapping, Infrastructure Inventory, CMDB, Network Security, Hybrid Cloud, Micro-segmentation, Kubernetes, IT Operations ## Chapters - 1:00 — The Origin of Faddom: The founders discuss their transition from mapping software functions to mapping real-time server and infrastructure dependencies. - 7:35 — Visibility in Kubernetes and Cloud: Exploring the challenges of maintaining visibility within complex Kubernetes and hybrid cloud environments. - 10:50 — The Failure of Traditional CMDBs: Why heavyweight, data-heavy CMDBs struggle to support modern, dynamic services and why too much data can be a hindrance. - 18:00 — Privacy and On-Premise Deployment: A discussion on Faddom's architecture as an on-premise solution that keeps all discovery data within the customer's control. - 21:30 — Multi-Cloud and Hypervisor Support: Details on supporting VMware, Nutanix, AWS, Azure, and GCP, including lightweight agent options for managed environments. - 24:40 — Traffic as the Source of Truth: The importance of using actual network traffic—which 'doesn't lie'—to validate infrastructure maps and security policies. - 28:05 — Security, Micro-segmentation, and Anomaly Detection: How real-time mapping assists in implementing micro-segmentation and detecting lateral movement by attackers. ## Actions - request_transcript: `POST https://stenobird.com/v1/public/podcasts/day-two-devops/episodes/d2do281-faddom-providing-a-unified-source-of-truth-for-security-and-it-operations-sponsored/transcription-requests` — Idempotently request low-priority transcript generation for this episode. - read_markdown: `GET https://stenobird.com/podcast/day-two-devops/d2do281-faddom-providing-a-unified-source-of-truth-for-security-and-it-operations-sponsored.md` — Read the agent-friendly Markdown representation of this episode resource. A page view does not enqueue transcription. Agents should invoke `request_transcript` explicitly when they need this episode processed. ## Transcript Full transcripts are not published on public pages unless there is a clear rights basis.