With the new Threat Prevention view you can get with one look full visibility into the risk & security posture and with one click move to mitigation and remediation:
1)Go to relevant security rule
2)Go to specific protection (e.g. IPS)
3)Add exception to protection (in case of false positive)
4)Create Host
5)Go to advisory (insights on the attack)
6)Smart Actions (e.g. ping, nmap, whois)
Please write in comments what smart actions do you use
Hi Moti.
Did you refer to nmap or nslookup?
Personally, I find very useful going to the specific protection and also adding the related exception.