Update README.md

src/pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/README.md

@@ -185,15 +185,6 @@ Tip: Compress and encrypt evidence before exfiltrating it so that CloudTrail doe
 7z a evidence.7z /path/to/files/* -p'Str0ngPass!'
 ```
 
----
-
-**Defence & Detection**
-
-* Limit who can call `ssm:StartSession` or restrict the allowed SSM documents.
-* Enable Session Manager logging to CloudWatch/S3 and monitor for the `AWS-StartPortForwardingSession` document.
-* Use VPC endpoints plus traffic inspection to detect unexpected data egress.
-
-
 
 ### Share AMI