Worked on the ntop/ntopng repository to enhance port scan alerting, focusing on improving both detection sensitivity and triage urgency. Developed a feature that increased the alert interval from five to eight minutes, balancing thoroughness with timely threat identification. Introduced an urgent-review flag by integrating alert:set_require_attention(), ensuring that critical port scan alerts are flagged for immediate attention. Maintained clear code linkage and traceability through detailed commit messages, supporting maintainability and efficient code review. Utilized Lua to implement these changes, applying expertise in alerting systems and network security to address operational needs and reduce dwell time for potential security threats.