
Episode 9: Andy Robbins
Detection: Challenging Paradigms
The Importance of Knowing About a Worm
So detection is not the end of the pipeline, right? So we have this idea called the funnel of fidelity, which talks about the detection and response process conceptually. There's collection, which is: how do I know what's happening within my enterprise? And then there's triage, which is, you know, I identified security-relevant events; are they actually something I'm interested in? Investigation. Then remediation, which is: how do I clean it up? Right? But at each point, and sometimes multiple times within each of those phases, there are opportunities for evasions or bypasses, right? The worm already has domain admin level access. They've already got kernel level persistence on


