This paper covers the technical aspects of the gaps in current approaches to detecting the latest malware that uses C2 frameworks, and the increased efficacy of a focused machine-learning approach with additional network signals and fine-grained risk metrics based on models at the user and organization level. We also discuss some of the key challenges in testing the efficacy of any C2 beacon detection solution.