Below is a Screenshot of the last 24 hours view in the RSA FirstWatch Malware Sandbox. Everything in the alert field represents KNOWN threats. This makes it quite simple to filter out what is known to analyze traffic that is unknown.
Heh, If I was working a SOC shift and my alert fields looked like this, I'd probably want to quit and wish the IT response teams lotsaluck.
Much of this content that creates these alerts have been shared over this Community. Check the latest blogs!