Is there a way to add, update and delete "Custom Detections" in Defender for Endpoint via the api? I don't mean indicators like file hashes, I mean the actual KQL Custom Detections with priorities.
There's a notebook for this in Azure Sentinel but I haven't seen anything for Endpoint.
Much appreciated!!