Carbon & Code

Graph-first security

3/8/2025 · security, graph, observability

Event streams are noisy. Relationships are durable. A graph-first security posture flips detection and response on its head:

  1. Model identities, assets, privileges, and edges explicitly.
  2. Ask questions like a graph, not a log: “Who can reach prod data?”
  3. Treat detections as graph deltas, not isolated alerts.

```ts
type Edge = { from: string; to: string; rel: 'assumes'|'calls'|'reads' };
```

With a graph in hand, zero-trust becomes measurable, not mystical.
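
To make points 2 and 3 concrete, here is an added example (not code from the original post) that answers "Who can reach prod data?" by walking the `Edge` graph backwards, then reports a detection as the set of nodes that gained that reachability between two snapshots. The function names `whoCanReach` and `newlyReaching` and all node names are assumptions made up for illustration.

```typescript
// Added example: function names and all node/edge data are constructed.
type Edge = { from: string; to: string; rel: 'assumes' | 'calls' | 'reads' };

// Every node with a directed path to `target`, via BFS over reversed edges.
function whoCanReach(edges: Edge[], target: string): Set<string> {
  const incoming = new Map<string, string[]>();
  for (const e of edges) {
    incoming.set(e.to, [...(incoming.get(e.to) ?? []), e.from]);
  }
  const seen = new Set<string>();
  const queue: string[] = [target];
  while (queue.length > 0) {
    const node = queue.shift() as string;
    for (const src of incoming.get(node) ?? []) {
      if (src !== target && !seen.has(src)) { // visit once, so cycles terminate
        seen.add(src);
        queue.push(src);
      }
    }
  }
  return seen;
}

// Detection as a graph delta: nodes that gained a path to `target` between
// two snapshots, including nodes far upstream of the edge that changed.
function newlyReaching(before: Edge[], after: Edge[], target: string): string[] {
  const old = whoCanReach(before, target);
  return Array.from(whoCanReach(after, target)).filter((n) => !old.has(n)).sort();
}

const baseline: Edge[] = [
  { from: 'user:alice', to: 'role:analyst', rel: 'assumes' },
  { from: 'role:analyst', to: 'db:prod-data', rel: 'reads' },
  { from: 'svc:ci-runner', to: 'role:deployer', rel: 'assumes' },
  { from: 'role:deployer', to: 'svc:billing-api', rel: 'calls' },
];
// One edge is added: the billing API starts reading prod data.
const current: Edge[] = [
  ...baseline,
  { from: 'svc:billing-api', to: 'db:prod-data', rel: 'reads' },
];

console.log(Array.from(whoCanReach(baseline, 'db:prod-data')).sort());
console.log(newlyReaching(baseline, current, 'db:prod-data'));
```

A single new `reads` edge surfaces three nodes in the delta, because the deployer role and the CI runner that assumes it now sit on a path to prod data as well.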