Views:

You can perform a Retro Scan to scan historical web access logs for callback attempts to C&C servers and other related activities on your network from the Affected Users tab on the Security Threats screen in Apex Central.

Deep Discovery Inspector analyzes the impact of suspicious URLs based on historical network traffic information collected by Trend Micro Retro Scan.

Important:

Performing a Retro Scan from the Threat Information screen requires adding at least one Deep Discovery Inspector server on the Server Registration screen on Apex Central and enabling Retro Scan on the registered Deep Discovery Inspector server.

For more information, see the Deep Discovery Inspector Administrator's Guide.

  1. On the Apex Central console, go to Dashboard.
  2. On the Users with Threats or Endpoints with Threats widgets, click a number.
  3. On the screen that appears, click a Security Threat name in the Security Threat Details table.

    The Affected Users screen appears.

  4. Click Start Retro Scan

    Deep Discovery Inspector scans historical web access logs for callback attempts to C&C servers and other related activities on your network.

    For more information, see Retro Scan in Deep Discovery Inspector.

Parent topic: Affected Users