Endpoint Protection

Running SEP version 12.1.6.MP5

A couple of questions on notifications.

1.  What's the difference between "New risk detected" and "Single risk event" for the type of email notifications.

2.  I guess this is the primary thing I'm looking at is with notifications.  The content for a notification has always been pretty basic, Domain, Group, Server, Computer, Risk name which is all very valuable.  I guess after all these years and versions of SEP that the content available for these messages would be better or am I missing something, looking in the wrong area to configure, etc?

We've got the Risk Name:xxxxx  It would be great if it was a hyper link to click on to go directly to Symantec to look it up.

Would like to see some lines with information like Type: Malware or adware or virus,  Severaty: low, medium, high.

A new risk is one that has never been seen before in the enviroment whereas single risk is one event on a distinct computer or computers. It is possible to receive both of these notifications for one detection.

The content of the alerts is not configurable. It's what you see is what you get. Idea's have been posted about making this more controllable but it has never come to fruition.