[9.0 & Serverless] Add a docs page about Detection-as-code rules management (elastic#891)

nastasha-solomon · web-flow · commit 60f45edc9698 · 2025-03-27T17:59:05.000-04:00
### Description Provides 9.0 and Serverless changes for elastic#667. Twin PR for 8.18 is at: http://github.com/elastic/security-docs/pull/6656 ### Preview [Manage rules as code](https://docs-v3-preview.elastic.dev/elastic/docs-content/pull/891/solutions/security/detect-and-alert#manage-rule-dac)
diff --git a/solutions/security/detect-and-alert.md b/solutions/security/detect-and-alert.md
@@ -102,3 +102,10 @@ Depending on your privileges and whether detection system indices have already b
 
 To learn how your rules and alerts are affected by using the [logsdb index mode](/manage-data/data-store/data-streams/logs-data-stream.md), refer to [Using logsdb index mode with {{elastic-sec}}](/solutions/security/detect-and-alert/using-logsdb-index-mode-with-elastic-security.md).
 
+## Manage rules as code [manage-rule-dac]
+
+Utilize the [Detection-as-Code](https://dac-reference.readthedocs.io/en/latest/dac_concept_and_workflows.html) (DaC) principles to externally manage your detection rules. 
+
+The {{elastic-sec}} Labs team uses the [detection-rules](https://github.com/elastic/detection-rules) repo to develop, test, and release {{elastic-sec}}'s[ prebuilt rules](https://github.com/elastic/detection-rules/tree/main/rules). The repo provides DaC features and allows you to customize settings to simplify the setup for managing user rules with the DaCe pipeline.
+
+To get started, refer to the [DaC documentation](https://github.com/elastic/detection-rules/blob/main/README.md#detections-as-code-dac).
diff --git a/solutions/security/detect-and-alert/manage-detection-rules.md b/solutions/security/detect-and-alert/manage-detection-rules.md
@@ -253,3 +253,11 @@ You can also check rules' related integrations in the **Installed Rules** and **
 ::::{tip}
 You can hide the **integrations** badge in the Rules tables by turning off the `securitySolution:showRelatedIntegrations` [advanced setting](/solutions/security/get-started/configure-advanced-settings.md#show-related-integrations). 
 ::::
+
+## Manage rules as code [manage-rule-dac]
+
+Utilize the [Detection-as-Code](https://dac-reference.readthedocs.io/en/latest/dac_concept_and_workflows.html) (DaC) principles to externally manage your detection rules. 
+
+The {{elastic-sec}} Labs team uses the [detection-rules](https://github.com/elastic/detection-rules) repo to develop, test, and release {{elastic-sec}}'s[ prebuilt rules](https://github.com/elastic/detection-rules/tree/main/rules). The repo provides DaC features and allows you to customize settings to simplify the setup for managing user rules with the DaCe pipeline.
+
+To get started, refer to the [DaC documentation](https://github.com/elastic/detection-rules/blob/main/README.md#detections-as-code-dac).
