Views:
You can perform a Retro Scan to scan historical web access logs for callback attempts to C&C servers and other related activities on your network from the Affected Users tab on the Security Threats screen in TrendAI™ Apex Central.
Deep Discovery Inspector analyzes the impact of suspicious URLs based on historical network traffic information collected by TrendAI™ Retro Scan.
Important
Important
Performing a Retro Scan from the Threat Information screen requires adding at least one Deep Discovery Inspector server on the Server Registration screen on TrendAI™ Apex Central and enabling Retro Scan on the registered Deep Discovery Inspector server.
For more information, see the Deep Discovery Inspector Administrator's Guide.

Procedure

  1. On the TrendAI™ Apex Central console, go to Dashboard.
  2. On the Users with Threats or Endpoints with Threats widgets, click a number.
  3. On the screen that appears, click a Security Threat name in the Security Threat Details table.
    The Affected Users screen appears.
  4. Click Start Retro Scan
    Deep Discovery Inspector scans historical web access logs for callback attempts to C&C servers and other related activities on your network.
    For more information, see Retro Scan in Deep Discovery Inspector.
Related information