Ivan Kirillov edited this page Sep 21, 2015 · 1 revision
Abstraction Level: High
Related Use Cases
Description
The ability to understand the state of a system at a particular moment in time is a key component in cyber threat analysis, detection, and related domains. For example, examining the process table and other entities in a memory snapshot of a running operating system may lead to the detection of malware running in that operating system's memory space. Accordingly, enabling the structured capture of a wide variety of system state data allows for analysis, correlation, and aggregation of such data and therefore supports a large number of other use cases.