Alerts can enter an organization at inconceivable rates. Security teams are tasked with sifting through hundreds, if not thousands of alerts per day, making it difficult to prioritize files without spending resources, in the form of time, and reverse engineering and analysis efforts, on false positives.

https://www.intezer.com/blog-sans-product-review/