I have never seen a security/firewall system like this. On the left, I see emacs or some variant of, the status line says “edit code: mySysScan.c“. And the middle bottom window says “*shell*“. The lower right is some code that I cannot make out. The rest looks familiar but I cannot identify it.
But the bigger question is, if they were looking into how somebody broke into a system, wouldn’t either/both the Security Scan or Firewall Protection Scan have alerted when the incursion occurred? And if they did not, why would a post mortem scan produce a different result?