Apr 21 2022
Does Defender have an option to deploy custom queries and rules via GitHub like Sentinel? Or is there a way to use API calls, notebooks, playbooks, etc.? Or even bulk upload custom rules through a file?
I’m just shocked that I can’t find a way to create rules and queries in a more efficient way. Any advice would be really appreciated!