PathScan Case Study


PathScan can run in two modes: online and forensic. Online mode is as it sounds: PathScan is operational on a network, analyzing the millions of communications that occur every minute. In fact, PathScan is currently active on Los Alamos National Labs' unclassified network doing just this. In forensic mode, PathScan is able to find and determine details of a previous attack that could have been missed in the original investigation. “It has proven effective in fleshing out attacks initially identified by security incident responders, discovering additionally compromised machines that were undetected by the original investigators” (Maughan & Pozmantier,
