Detection in the Run Time

i don't recommend people to starve thi sast tust because its just number of false positives you get. I think we really need both to be able to detect all the different sorts of attack factors that we're going to see an ntemed acceptance. So if my answer depends on the size of your company and the size and complexity of your organization, right? i think there's still huge dividends paid in not just hiring that one abstect person an comein into your inventory. And then kickstart a imbetting or security champions programme to dru and create an education campaign for your existing teams.