I'm trying to find something in the SEPM policies that would tell it to email a notification to administrators whenever a risk is detected, but I don't see anything that seems to fit. Is this possible?
Yes, you need to look in Monitor ---> notifications ---> notification conditions. You can setup custom notifications for a variety of events.
Ahh, thank you! I guess it just wasn't where I expected.
What's the difference between the "New Risk Detected" and the "single risk event" condition?
I don't send low risk notifications as it would be sending email constantly. I made a notification for anything above low and have never received an email.
The low status stuff just needs to be verified clean, not trigger a response. IMO