🔥 3-day streak
Microsoft Security Operations Analyst175 / 190
Question 175 of 190

Your SOC manages a single Microsoft Sentinel workspace and wants to move away from editing analytics rules directly in the portal. The team requires that all analytics rules, hunting queries, and automation rules be stored as code, peer-reviewed through pull requests, and automatically deployed to the workspace whenever changes are merged to the main branch. Which Microsoft Sentinel capability should you configure to meet these requirements with the least custom development?

Reviewed for accuracy · Report an issueNext question