This #detection #SOC post #detectfyi is very good, and I agree fully up to a point. Where my opinion, and #OpenTIDE starts to diverge is for the final paragraph on coverage discussions and documentation. Its possible to do better than this now. And detection depth as a number of detection points along an attack path is....not bad, actually innovative compared to most who don't even use a graph view, it may just not be the optimal type of detections to deploy in this case https://detect.fyi/critical-asset-analysis-for-detection-engineering-72b8051df149