Viewing C&C Callback Addresses

Procedure

1. Go to Detections → C&C Callback Addresses.
2. Click the drop-down for detection type and then select one of the following detection types:
   • All (default)
   • IP Addresses/Domains
   • URLs
3. (Optional) Copy a callback address to the Deny List or the Allow List.
   1. Select a callback address detection.
   2. Click Copy to Deny List or Copy to Allow List.
      A window appears to copy to the Deny List or Allow List.
   3. Specify the options and click Save.
      A notification that asks to reload the lists appears .
   4. Click Reload.
4. (Optional) Click a number in the Callbacks column to drill-down to the All Detections screen with filters applied.
5. (Optional) To sort the list of C&C callback addresses, click the column titles.

   Note Only one column can be sorted at a time.

   • Callback Address: Ascending/descending alphanumeric
   • C&C Risk Level: Ascending/descending alphabetical
   • Type: Ascending/descending alphabetical
   • Latest Callback: Earliest/latest date
   • Callbacks: Ascending/descending numerical