Microsoft XDR (Defender) - How to export - Advanced Hunting - Custom Detection Rules
Hello everyone,
Our team is trying to export the Custom Detection Rules. We have more than 50 rules, so we need an automated process that allows us to export and import the rules.
Currently, we see that the API function that allows this is still in beta: https://learn.microsoft.com/es-es/graph/api/security-detectionrule-get?view=graph-rest-beta&tabs=http.
We would also like to have version control for these rules. The idea would be to export them, upload them to a version control repository, and be able to sync the rules from there for different Microsoft XDR tenants. This would be similar to what exists with Analytics rules in Sentinel, which can be deployed through GitHub or Azure DevOps.
Any idea how we could achieve this without using the beta version of Graph or if there are plans for the API to launch stable versions?
thx