In today's network environments, malware that evades legacy defenses is pervasive, with communication and activity occurring up to once every three minutes. Unfortunately, most of this activity is inconsequential to the business. You would think that would be good news right? The problem is that incident responders have no good way of distinguishing inconsequential malware from (potentially) highly damaging malware. As a result, they spend way too much time and resources chasing red herrings while truly malicious activity slips past.