When you enable this experimental feature, the on-box sandboxing service discovers additional, unknown threats.
This capability is possible because DDNA is able to examine the code and get insight into unexecuted code paths. It looks beyond evasion techniques and even provides results when supporting malware components are not available.
NOTE: This option decreases the overall throughput of analyzed samples. In rare cases, it can also lead to false positive detections.
To enable DDNA: