In absolute agreement. I'm seeing Security Operations Centers where analysts and engineers are feeding full emails or system alerts to systems not trained or tuned specifically for such events to ask "Is this malicious?" or "Is this worth investigation?" As a result they are most often creating exce...