Microsoft Tech Community

Automating detection engineering for MS 365 Defender

I'm working at an MSSP managing multiple customers.

We build a lot of custom detection rules in the MS 365 Defender portal of the customers. We have a library of standard custom detections we use for all our customers. However, it is very labor intensive to manage all those detections.

I'm thinking of automating it so it is all manageable from one platform. But the MS documentation doesn't speak about API features to create, edit and remove custom detections in MS 365. Is there any way to automate this process?

2 Replies

Stay tuned :) There will be news on this specific area really soon :) *wink* *wink*

Is there any news on this?