Surfactant is a modular framework for extracting information from file systems, primarily for generating an SBOM (Software Bill of Materials). The information extracted can then be used to identify the various vendors or libraries associated with a file and establish relationships between files. The resulting SBOM can be used for system level impact analysis (e.g., for IoT, Smart Grid, ICS devices) of vulnerabilities, and the information gathered can be used to help inform what files to focus on for manual analysis. In this video from Black Hat Asia Arsenal, LLNL’s cyber security software engineer Ryan Mast demonstrates how to use Surfactant to create SBOMs. The video’s runtime is 20:15.