Specify the 'Define the rate of detection events for logging' (Minutes Min:0 Max:10000000) This policy setting limits the rate at which detection events for network protection against exploits of known vulnerabilities will be logged. Logging will be limited to not more often than one event per the defined interval. The interval value is defined in minutes. The default interval is 60 minutes. If you enable this setting, detection events will not be logged if there is more than one similar report (by definition GUID) in the specified number of minutes. If you disable or do not configure this setting, detection events will be logged at the default rate. Counter Measure: Configure this setting depending on your organization's requirements. Potential Impact: Detection events will be logged at the default rate or the rate specified.

(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Windows Defender\Network Inspection System\Define the rate of detection events for logging (2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\NIS\Consumers\IPS\ThrottleDetectionEventsRate