Home - Results from #15

The January 16, 2025, Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity underscores the White House’s commitment to protecting the country’s critical infrastructure and digital ecosystem. Recognizing the persistent and evolving nature of cyber threats, this Executive Order sets forth a series of bold initiatives designed to enhance cybersecurity across federal agencies and the private sector. By emphasizing collaboration, technological innovation, and best practices in software development and deployment, it pushes the nation toward a more secure digital future. Central to these efforts, Section 2 spotlights Software Bills of Materials (SBOMs)—a proactive measure to ensure improved transparency, accountability, and trust in software supply chains.

Link to the White House: Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity

Infrastructure as code has revolutionized how we build and maintain our systems. If you're reading this, you're probably already sold on Terraform's ability to create reproducible infrastructure. But when someone mentions adding a Software Bill of Materials (SBOM) to your modules, you might be thinking, "Really? More documentation? I already have my code commented and my README up to date!"

Trust me, I get it. As developers, we often view documentation as a necessary evil, something we do because we have to, not because we want to. And if you're an open source enthusiast or OpenTofu user, you might be especially skeptical - after all, isn't open source all about transparency already? Why add another layer of documentation?

But here's the thing: SBOMs aren't just documentation. They're a powerful tool that's becoming increasingly crucial in our complex, interconnected infrastructure landscape. Let me show you why, without the corporate buzzwords and compliance scaremongering.

This video explains in detail how to use Vault in conjunction with a Hardware Security Module (HSM), how to initialize Vault against an HSM, how to configure and use HSM Auto-Unseal, and how to test the entire setup within the scope of a Proof of Concept (PoC).

A step-by-step workshop designed for parallel participation.

The language is German with optional English subtitles. A PDF in English language is available for download.

Infrastructure-as-Code (IaC) has transformed from a technical approach into a fundamental business necessity. At ICT.technology, we've seen (and experienced) for more than a decade firsthand how proper implementation of IaC and automation can dramatically improve operational efficiency, security, and business agility. We share some of our insights and learnings in this article.

Page 4 of 4

Terraform @ Scale - Part 1b: Multi-Tenancy Architectural Example for Modular Cloud Infrastructures

Terraform @ Scale - Part 1a: Multi-Tenancy - Inheriting Information Across Organizational Units and Customers

Securing Modern Enterprise Infrastructure with HashiCorp Vault

Terraform for Enterprises: Understanding Modern Infrastructure Provisioning, or Lessons from a $460M Mistake

Introduction to Retrieval-Augmented Generation (RAG) - Part 2

Everything-as-Code Mindset: A Comprehensive Approach to IT Operations and Beyond

Navigating Your IT Transformation Journey: A Strategic Roadmap to Success

The Beginner's Guide to Retrieval-Augmented Generation (RAG) - Part 1

U.S. Executive Order Mandates SBOMs and Zero Trust Architecture, Bolsters Cybersecurity in General

Why SBOMs Matter: A Practical Guide for Terraform Users (and others as well)

Vault Workshop: HSM Auto-Unseal

Infrastructure-as-Code: Building the Foundation for Modern Enterprise Automation

ICT.technology