When content is blocked, the log should detail the specifics
When web content is blocked (IE: mal/jsredir-ae detected) which can be targeted in internet explorer. The specific details need to be shown in the logs. Our own site has such a problem.
" Malware detected: 'Mal/JSRedir-AE' at 'www.harrisdigi.com'
threat " Without the page loading, we cannot submit the sample. if the call was detailed we could identify the file, script, or offending plug-in.
The same issue exists with clients when they report a site that used to be accessible. They request an exception or to turn off the service. this weakens the product.