Listening to this podcast made me think of all those meetings where I'm talking to infrastructure teams about the necessary metadata for segmentation and they say to me, "CMDB? Yeah, ours is perfect. No sweat." Oh wait, that's never happened.
It will be no surprise to hear that the vast majority of CMDBs are incomplete, inaccurate, and often confusing.
That's ok (and the norm). Sometimes a cliche says it best: don't let perfect be the enemy of good.
We've identified four pieces of metadata for each server needed for successful segmentation: role, application, environment, and location. Depending on your segmentation strategy, you might not even need all four. I can almost guarantee that information is somewhere - hostnames, spreadsheets, some field buried in the CMDB, etc.
Not perfect? Not complete? No problem. Let the application dependency map that goes hand-in-hand with segmentation fill in some of those gaps. You will get there and perhaps you'll end up seeing one of side effects of successful segmentation: an improved CMDB.
I mean, that’s one of the things that we’ve seen organizations struggle with, is not having a thorough, robust CMDB and asset registry in place, and that can really be a point of issue for a SOC