How to Create Multiple Detections for Multiple Techniques

There are different ways to approach the detection problem so for an example let's say you're worried about kernel modules getting loaded on a Linux server. This type of overlapping alerts provide a lot of value for one it means that you're viewing the same problem from different angles. For stuff you really care about or really important techniques absolutely recommend it yeah.