[Request] Add a docs page about Detection-as-code rules management

[approksiu]

Description

We want to add a page mentioning the detection-as-code rule management capabilities of detection rules repo.

Suggestion:

Take an approach similar to Terraform mention in the docs. Add a section on Manage detection rules page.

Section Header: Managing detection rules as code

(section link: https://www.elastic.co/guide/en/serverless/current/security-rules-ui-management.html#manage-rules-dac)

Content

User’s detection rules can be managed externally utilizing the Detection-as-Code principles.

Detection-rules repo is the repository used by Elastic Security Labs team to develop, test and release prebuilt detection rules. It provides Detection-as-Code features and allows customization of settings to make the setup for managing user rules with the Detection-as-Code pipeline simpler.
To get started, see Elastic detection-rules repository DaC documentation.

Background & resources

• PRs:
• Issues/metas: https://github.com/elastic/security-team/issues/11280
• Point of contact: @approksiu @Mikaayenson
• Test environments:

Which documentation set does this change impact?

ESS and serverless

ESS release

8.18 release

Serverless release

10 March

Feature differences

none

API docs impact

none

Prerequisites, privileges, feature flags

No response

[approksiu]

@jmikell821 I added the content suggestion to the issue description.