Custom Rules for Defender

Copper Contributor



Does defender have an option to deploy custom queries and rules via GitHub like Sentinel? Or is there a way to use API calls, notebooks, playbooks etc? Or even bulk upload custom rules through a file? 

I’m just shocked that I can’t find a way to create rules and queries in a more efficient way. Any advise would be really appreciated!

0 Replies