Hello,
We have configured the client security alert notification type to send notifications by email when any of the following event types are detected:
Compliance Events
Network Threat Protection Events
Traffic Events
Packet Events
As I understand it Network Threat Protection in SEP is comprised of Network intrusion prevention and browser intrusion prevention. The notifications do arrive for network intrusion prevention events but nothing for browser intrusion prevention events. I know this because we had a browser intrusion event on 7/30 which appeared in a scheduled report the following day but the notification alert was not received.
*attached screenshot of the client security alert configuration*
Matt