Advanced Threat Prevention Dashboard: Hosts Generating Cloud Detected C2 Traffic

Examine the source IPs and users responsible for generating command and control (C2) traffic.
Where Can I Use This?
  • Prisma Access (Managed by Panorama or Strata Cloud Manager)
  • NGFW, including those funded by Software NGFW Credits

What Do I Need?
Each of these licenses includes access to Strata Cloud Manager:
The other licenses and prerequisites needed for visibility are:
  • A role that has permission to view the dashboard
  • Threat Prevention or Advanced Threat Prevention
→ The features and capabilities available to you in Strata Cloud Manager depend on which license(s) you are using.
  • Click Strata Cloud Manager > Dashboards > More Dashboards > Advanced Threat Prevention to view the dashboard.
Examine the source IPs and users responsible for generating command and control (C2) traffic. Advanced Threat Prevention uses cloud-based engines and inline cloud analysis to detect and analyze traffic for unknown C2 and vulnerabilities. Click the search icon next to the source IP to review the usage patterns related to the source IP. A contextual link to Log Viewer lets you analyze the threat sessions and download the packet capture and cloud report for additional context, so that you can leverage Palo Alto Networks threat analytics data and improve your incident response processes.