Why does ETA for Malware Detection $($ETA$-$MD$)$ require connectivity to Cognitive Threat Analytics $($CTA$)?$

ETA$-$MD cannot decipher the Initial Data Packet $($IDP$)$ to determine which negotiated cipher suites and protocols are in use between the endpoints.

ETA$-$MD cannot use the packet$-$recirculation engine in the UADP $2\mathrm{.}0$ ASIC because the packet$-$recirculation bus in the ASIC is encrypted and would lead to double encryption if it were used.

CTA is the architectural entity that is able to perform unsupervised machine learning to determine anomalies, relationships, and final classification of unknown entities.

CTA is the architectural entity that is able to consult the Global Risk Map for matching the hash of the encrypted traffic to known$-$deciphered malware.