Hi,
Below are my suggestion based on current version 2.3:
1) No refresh button or command to refresh status at ATP manager
Difficult to clear ATP alert/warning
2) ATP - Event column has no important filters/column features:
We should able to generically add/remove column that we want to see
-Time range is not able be customized
-Generic target/attack CIDR or prefix not useable (e.g 192.168.0.0/24 or *)
-No hit counts
-Column not sortable
-No export .csv/.pdf option
-No page selection option (we need to keep scroll down until the end..)
-No custom view count (1000/500 result per page)
3) ATP - No top 10 list
When clicking Network/Endpoint/Email - the top 10 unique target/attacker/risk should be displayed
4) ATP - Cynic
-The manual submission link/shortcut should be integrated into ATP gui instead
of user need to enter from external browser
https://sso.trm.symantec.com/SSO?RedirectUrl=http%3a%2f%2fcynic.symantec.com%2fportalnextgen
-Cynic ID should be displayed in ATP instead of require diagnostic commands to search via CLI
-An option to select or view a more detailed forensic/detonation report should be available for technical user