Multiple downloads of a malicious file are only recorded as a single event on the Advanced Threat Protection platform
Updated On:12-12-2018 04:32
Endpoint Detection and Response, Advanced Threat Protection Platform
When testing the Advanced Threat Protection software, you download an Insight or malware test file multiple times to test network detection. When you review the Events, you only see one or two events for the download.
This is expected behavior for the Advanced Threat Protection platform. There is no gap in detection, the Event is simply only reported once.