|
Component
|
Description
|
|
Global C&C IP List
|
The Global C&C IP list works in conjunction with the Network Content Inspection Engine
(NCIE) to detect network connections with known C&C servers. NCIE detects C&C server
contact through any network channel.
Trend Micro Apex One
logs all connection information to servers in the Global C&C IP list for evaluation.
|
|
Relevance Rule Pattern
|
The Suspicious Connections service uses the Relevance Rule Pattern to detect unique
malware family signatures located in the headers of network packets.
|
Views: