ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Endpoint Protection Manger's Single risk event alert notification caveats


Article ID: 237565


Updated On:


Endpoint Protection


Symantec Endpoint Protection Manger's (SEPM) Single risk event alert notification caveats.


This is by product design.


SEPM 14.3.x


SEPM send's Single Risk Alert notification for below categories only and does not trigger notification for all the detection categories.

This is expected behavior by current product design.

  • Virus found
  • Security Risk Found
  • Compressed File


As a security best practices, SEPM administrators are advised to refer SEPM Risk logs to review all detection events happened across the endpoint's on network.

Additional Information

A notification for "New Risk Detected" will trigger only once when a risk is first logged in the SEPM. Any subsequent detection will not trigger notification irrespective of damper settings.

This is by design.

New Risk Detected Notification