Move the Detection location in the docs

Author: kmcquade

docs/appendices/user-agent-detection.md docs/detection.md

@@ -1,4 +1,6 @@
-# User Agent Detection
+# Detection
+
+## User Agent Detection
 
 Endgame uses the user agent `HotDogsAreSandwiches` by default. While this can be overriden using the `--cloak` flag, defense teams can still use it as an IOC.
 
@@ -12,3 +14,11 @@ fields eventTime, eventSource, eventName, userIdentity.arn, userAgent
 This query assumes that your CloudTrail logs are being sent to CloudWatch and that you have selected the correct log group.
 
 Further documentation on how to query for specific API calls made to each service by endgame is available in the risks documentation.
+
+## API Call Detection
+
+Further documentation on how to query for specific API calls made to each service by endgame is available in the [risks documentation](./risks).
+
+## Behavioral-based detection
+
+Behavioral-based detection is currently being researched and developed by [Ryan Stalets](https://twitter.com/RyanStalets). [GitHub issue #46](https://github.com/salesforce/endgame/issues/46) is being used to track this work. We welcome all contributions and discussion!

mkdocs.yml

@@ -23,6 +23,7 @@ nav:
   - Installation: 'installation.md'
   - Tutorial: 'tutorial.md'
   - Permissions: 'iam-permissions.md'
+  - Detection: 'detection.md'
 
   - "<b>Backdoor Resource Types</b>":
     - ACM Private CAs: 'risks/acm-pca.md'
@@ -51,6 +52,5 @@ nav:
   - "<b>Appendices</b>":
     - Terraform Demo Infrastructure: 'appendices/terraform-demo-infrastructure.md'
     - ACM PCA Activation: 'appendices/acm-pca-activation.md'
-    - User-Agent Detection: 'appendices/user-agent-detection.md'
     - Roadmap: 'appendices/roadmap.md'
     - FAQ: 'appendices/faq.md'