Improve Product Automated Telemetry
As you may know I am frequently discovering new threats.
I tested Trend Micro with credentials stealer, which I downloaded on the 23/12 (it has been compiled the day before).
After almost a minute of working, it is blocked by AEGIS, which I believe is the name of your behavioural blocker.
I was expecting this file to be auto-reported and blacklisted, or even a local detection to be added by now, but 5 days later, there is still no detection on scan.
The file is still blocked only by behaviour, which in that case is not so great.
Credential stealers only need few seconds to copy and upload what's saved in Chrome and other browsers. Though you do offer Password Manager, which can be considered a form of protection against this type of threat, I believe your automated threat reporting should be improved.