Just reviewing User Behavior Analytics, it looks like most of the third party alerts have categories for Low, Medium, and High severity issues. However, it looks like Critical is not included, so there is a potential for “critical” issues that could be missed. I understand that you could move Critical to High, but then you could potentially loses out of Low severity issues. If you are in the process of implementing new security tools/services I would think you would want to see all levels of severity while doing the implementation so you could address potential false positive scenarios.