This widget displays all C&C callback event information including the target of the attack and the source callback address.
You can choose to view C&C callback information from a specific C&C server
list. To select the list source (Global Intelligence, Virtual Analyzer), click the edit icon (
> 
) and select the list from the C&C list source
drop-down.
Use the View by drop-down to select the type of C&C callback data that displays:
-
Compromised host: Displays the most recent C&C information per targeted endpoint
Table 1. Compromised Host Information Column
Description
Compromised Host
The name of the endpoint targeted by the C&C attack
Callback Addresses
The number of callback addresses that the endpoint attempted to contact
Latest Callback Address
The last callback address that the endpoint attempted to contact
Callback Attempts
The number of times the targeted endpoint attempted to contact the callback address
Note:Click the hyperlink to open the C&C Callback Logs screen and view more detailed information.
-
Callback address: Displays the most recent C&C information per C&C callback address
Table 2. C&C Address Information Column
Description
Callback Address
The address of C&C callbacks originating from the network
C&C Risk Level
The risk level of the callback address determined by either the Global Intelligence or Virtual Analyzer list
Compromised Hosts
The number of endpoints that the callback address targeted
Latest Compromised Host
The name of the endpoint that last attempted to contact the C&C callback address
Callbacks Attempts
The number of attempted callbacks made to the address from the network
Note:Click the hyperlink to open the C&C Callback Logs screen and view more detailed information.