How a single OOTB macro can cause massive Alert Fatigue

If you use CrowdStrike Falcon, you're probably familiar with the built-in macros designed to save us time. But lately, our team was chasing down a string of persistent false positives from the default