@adulau@infosec.exchange2026-02-22 09:11:32
Have you ever tried doing digital forensics using an SBOM or even just gathering evidence for a technical investigation from one?
No file hashes, a single cryptographic signature covering an arbitrary set of files, and often missing full paths or permissions.
Many SBOM standards need a serious revamp if they are to support DFIR use cases
#dfir