Dragon riders - grab your flight leathers and let’s strap in for Detection flight school. What makes for a fire(breathing) detection? Where should we even start? We will dive in, discussing head to wings to tail, on how to create high fidelity detection logic - whether you’re protecting a few resources or a few thousand. We will discuss tying in the MITRE ATT&CK framework, choosing the right sources for detection, and testing the logic with the open-sourced Atomic Red Team framework.