Solved: Attack Scanner is displaying that some hosts on my...

masato_wang · ‎11-30-2014

Attack Scanner is displaying that some hosts on my network have been communicating with C&C servers. How do I obtain more information about the C&C servers in question?

TrendMicro_Splu · ‎11-30-2014

Starting with version 1.1, Attack Scanner is integrated with Trend Micro Threat Connect portal, which provides a wealth of information related to each C&C server, including profile of the associated attack family. Additional information from Threat Connect can be obtained for a specific C&C server from the screen under the C&C Server Timeline menu.

View solution in original post

TrendMicro_Splu · ‎11-30-2014

Starting with version 1.1, Attack Scanner is integrated with Trend Micro Threat Connect portal, which provides a wealth of information related to each C&C server, including profile of the associated attack family. Additional information from Threat Connect can be obtained for a specific C&C server from the screen under the C&C Server Timeline menu.

Attack Scanner is displaying that some hosts on my network have been communicating with C&C servers..

Join Us for Splunk University and Get Your Bootcamp Game On!

.conf24 | Learning Tracks for Security, Observability, Platform, and Developers!

Announcing Scheduled Export GA for Dashboard Studio