Engineering Blog


KBOM: The Key to Enhanced Kubernetes Security and Efficiency

Understanding the Industry Standard for Container Orchestration Insights

The Kubernetes Bill of Materials (KBOM) standard is designed to give a comprehensive, machine-readable inventory of a Kubernetes cluster, the container orchestration platform in wide use across industries. The new standard aligns with the established Bill of Materials (BOM) formats, so that tooling built for those formats can consume it consistently.

What is KBOM?

KBOM is a project aimed at providing an initial specification in JSON format, built for extensibility across different cloud service providers (CSPs) and DIY Kubernetes setups. The project’s goal is to create a standard that offers detailed insights into the components of Kubernetes clusters, making it easier for organizations to manage and secure their deployments.

Getting Started with KBOM

To start using KBOM, follow these steps:

First, install KBOM. You can install it with Homebrew:

    brew install rad-security/homebrew-kbom/kbom

Or build it from source with:

    make build

Then generate a KBOM file for your Kubernetes cluster. The primary command is:

    kbom generate [flags]

Here are some optional flags you can use with the kbom generate command:

  • -f, --format string: Specify the output format (options: json, yaml, cyclonedx-json, cyclonedx-xml). Default is “json”.
  • -h, --help: Display help information for the command.
  • -p, --out-path string: Define the path to write the KBOM file to. This works only with --output=file. Default is the current directory.
  • -o, --output string: Specify the output destination (options: stdout, file). Default is “stdout”.
  • --short: Generate a shorter version of the KBOM file, including only metadata, nodes, images, and resource counters.
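Once a KBOM has been written with `kbom generate -f cyclonedx-json -o file -p <dir>`, the next thing a security team usually wants is to feed it into policy checks. The Python script below is an added example, not code from the kbom project: it loads a CycloneDX JSON export, inventories the container components, and flags images that are referenced by a mutable tag rather than an immutable sha256 digest (a tag can be re-pointed at a different image after the BOM was taken, a digest cannot). It assumes container images appear as CycloneDX components of `"type": "container"` and that a digest, when present, is carried in the `purl`, the `name` or `version`, or a SHA-256 entry under `hashes`; the sample document embedded in the script and the digest value in it are constructed, not real kbom output.

```python
"""Consume a KBOM exported with `kbom generate -f cyclonedx-json -o file`.

Added example (not part of the kbom project). Loads a CycloneDX JSON document,
inventories the container components, and reports images that are referenced
by a mutable tag instead of a sha256 digest. Assumptions: container images are
components with "type": "container"; a digest, when present, is in the purl,
the name/version, or a SHA-256 entry in "hashes". SAMPLE_BOM is constructed.
"""
import json
import re
import sys
from typing import Any, Dict, List, Optional

# A sha256 digest either raw ("sha256:...") or percent-encoded as it appears
# inside package URLs ("sha256%3A...").
DIGEST_RE = re.compile(r"sha256(?::|%3A)([0-9a-f]{64})")
HEX64_RE = re.compile(r"^[0-9a-f]{64}$")

# Constructed sample shaped like a CycloneDX 1.4 BOM; the digest is made up.
SAMPLE_BOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.4",
    "components": [
        {
            "type": "container",
            "name": "docker.io/library/nginx",
            "version": "1.25.3",
            "purl": "pkg:oci/nginx@sha256%3A" + "ab" * 32,
        },
        {"type": "container", "name": "registry.k8s.io/kube-proxy", "version": "v1.28.2"},
        {"type": "platform", "name": "kubernetes", "version": "v1.28.2"},
    ],
})


def load_bom(text: str) -> Dict[str, Any]:
    """Parse a BOM and refuse anything that is not CycloneDX."""
    bom = json.loads(text)
    if bom.get("bomFormat") != "CycloneDX":
        raise ValueError("not a CycloneDX document: bomFormat=%r" % bom.get("bomFormat"))
    return bom


def digest_of(component: Dict[str, Any]) -> Optional[str]:
    """Return the sha256 digest pinning this component, or None if it is tag-only."""
    for field in ("purl", "name", "version"):
        m = DIGEST_RE.search(str(component.get(field, "")))
        if m:
            return m.group(1)
    for h in component.get("hashes", []):
        if h.get("alg") == "SHA-256" and HEX64_RE.match(h.get("content", "")):
            return h["content"]
    return None


def container_images(bom: Dict[str, Any]) -> List[Dict[str, Any]]:
    """Inventory every container component as {ref, pinned, digest}."""
    out = []
    for c in bom.get("components", []):
        if c.get("type") != "container":
            continue
        digest = digest_of(c)
        name = str(c.get("name", "")).split("@")[0]  # drop any digest embedded in the name
        version = str(c.get("version", ""))
        if digest:
            ref = f"{name}@sha256:{digest}"
        else:
            ref = f"{name}:{version}" if version else name
        out.append({"ref": ref, "pinned": digest is not None, "digest": digest})
    return out


def unpinned_images(bom: Dict[str, Any]) -> List[str]:
    """Images referenced by a mutable tag: candidates for a digest-pinning policy."""
    return [img["ref"] for img in container_images(bom) if not img["pinned"]]


if __name__ == "__main__":
    # Usage: python kbom_images.py <path to the cyclonedx-json file kbom wrote>
    # With no argument the constructed sample is used.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_BOM
    for img in container_images(load_bom(text)):
        print(("pinned  " if img["pinned"] else "UNPINNED") + "  " + img["ref"])
```

The `unpinned_images` list is the useful output: each entry is a workload image whose contents could change under the cluster without the KBOM changing, so it is the set to hand to a digest-pinning admission policy or to re-resolve before scanning. Because kbom can also emit `cyclonedx-xml`, `yaml` and its native `json`, the loader deliberately rejects anything whose `bomFormat` is not CycloneDX rather than guessing at another schema.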

Schema and Compatibility

The high-level object model for KBOM can be found here.

Supported Kubernetes Versions

KBOM has been tested with all Kubernetes versions newer than v1.19, so you can rely on it across those releases when using it for cluster management.

Supported Cloud Providers

We have tested KBOM with the major cloud providers, including Azure, AWS, and Google Cloud. KBOM can generate files for any Kubernetes cluster, but note that on other providers or DIY clusters some metadata entries may not be set.

Contributing to KBOM

KBOM is licensed under Apache 2.0 and welcomes contributions via GitHub pull requests.

About KBOM

KBOM stands for Kubernetes Bill of Materials and aims to set a standard for providing detailed insights into the components and configurations of Kubernetes clusters. By adopting KBOM, organizations can enhance their Kubernetes management and security practices.

Reference: the KBOM project on GitHub.
