Organization: Ernst & Young L.L.P.
Co-Developer(s): Los Alamos National Laboratory
Year: 2016

Traditional network defense tools continually prove to insufficiently protect enterprises from expensive data breaches. The prevailing signature-based systems are easily avoided by attackers. But mitigating cybersecurity threats is no longer about deterring and detecting something that “looks” like a threat. It is now about being able to identify and anticipate something that “acts” like a threat. PathScan represents a game-changing new way of tackling this problem by looking at behavioral anomalies that indicate an attack and allowing enterprises to be proactive in their defense. Forged in the fires of U.S. government operational security at LANL, PathScan has proven successful in detecting sophisticated adversaries at a level of specificity that no other tool can match—and doing so before they have a chance to do any damage or extract any assets from the network. Through the statistical analysis of abnormal behavior across a network and identification of which behaviors are deviating in attack-consistent ways, PathScan provides a deeper, more targeted layer of defense against network attacks.