You can perform a Retro Scan to scan historical web access logs for callback attempts to C&C servers and other related activities on your network from the Affected Users tab on the Security Threats screen in Apex Central.
Deep Discovery Inspector analyzes the impact of suspicious URLs based on historical network traffic information collected by Trend Micro Retro Scan.
Performing a Retro Scan from the Threat Information screen requires adding at least one Deep Discovery Inspector server on the Server Registration screen on Apex Central and enabling Retro Scan on the registered Deep Discovery Inspector server.
For more information, see the Deep Discovery Inspector Administrator's Guide.
The Affected Users screen appears.
Deep Discovery Inspector scans historical web access logs for callback attempts to C&C servers and other related activities on your network.
For more information, see Retro Scan in Deep Discovery Inspector.