
Question related to how to apply statistical criteria efficiently when creating a trigger



I created a task on ESET Protect in order to isolate computers from the network and a trigger that will run as soon as the AV detects 50 threats within 5 minutes.
Basically what I want to do is to isolate a computer if the AV detects a variety of threats based on the number of occurrences in a period of time.
I actually have a couple of questions. Firstly, how efficient is this method at preventing threats from replicating on the network? Secondly, what do I have to take into account when correlating the number of occurrences vs. time period efficiently? I mean, the more occurrences in a short period of time, the more efficient it will be? Last but not least, what do you guys consider when creating a trigger like this one based on the statistical approach? Sorry if I wasn't clear enough.

Thanks in advance.
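
An added illustration, not part of the original post and not ESET Protect's own trigger logic: a trailing-window counter run over two constructed detection streams, showing how the occurrence count and time period trade time-to-isolation against isolating a host that is only producing slow background detections. The sample streams, the rules other than 50 detections in 5 minutes, and the function names are assumptions.

```python
from collections import deque

def first_trigger_time(timestamps, threshold, window_seconds):
    """Return the time (seconds) at which `threshold` detections first fall
    inside a trailing window of `window_seconds`, or None if that never happens."""
    window = deque()
    for ts in sorted(timestamps):
        window.append(ts)
        # Drop detections that are older than the trailing window.
        while window[0] <= ts - window_seconds:
            window.popleft()
        if len(window) >= threshold:
            return ts
    return None

# Constructed sample data (seconds since the first detection), not real telemetry.
# BURST: one detection every 4 s, 80 in total (fast-spreading activity).
# BACKGROUND: one detection every 120 s for an hour (e.g. a scan hitting old files).
BURST = [i * 4 for i in range(80)]
BACKGROUND = [i * 120 for i in range(30)]

# Hypothetical candidate rules: (threshold, window in seconds).
# (50, 300) is the rule from the post; the other two are assumptions for comparison.
RULES = [(50, 300), (10, 60), (3, 300)]

def evaluate(rules=RULES):
    """Map each rule to the time it would fire on each sample stream."""
    return {
        rule: {
            "burst": first_trigger_time(BURST, *rule),
            "background": first_trigger_time(BACKGROUND, *rule),
        }
        for rule in rules
    }

if __name__ == "__main__":
    for (threshold, window), result in evaluate().items():
        print(f"{threshold} detections / {window}s -> {result}")
```

On this constructed data the 50-in-5-minutes rule fires on the burst only after 196 seconds, a 10-in-60-seconds rule fires after 36 seconds without touching the background host, and a 3-in-5-minutes rule also isolates the background host.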
