The importance of malware dwell time is how accurate an antivirus product is in your environment. It takes days for most antivirus programs to detect a new malware sample. The most popular antivirus engines often miss a submitted sample for days. You need to capture every newly executed program and process, related to files or fileless (e.g., registry) Microsoft Windows has had the ability since the very beginning with its Windows Event Logging capability, but Microsofts application control programs like AppLocker are even better (less distracting noise)”]