Company:
Date Published:
Author: John Tuckner
Word count: 1568
Language: English
Hacker News points: None

Summary

A notable trend in cybersecurity is the adoption of software development principles to make security solutions more efficient and reliable, exemplified by "Detection-as-Code." Under this approach, the detection rules for a SIEM or XDR system are managed as code: they live in version control, are changed through a structured process similar to software development, and are auditable and peer-reviewable through APIs and CI/CD pipelines. Sharing detection rule ideas on platforms such as GitHub has become widespread, with contributions from projects such as Sigma and vendors such as Microsoft, and this style of collaboration fits naturally into the GitHub Flow model. The article provides a practical guide to implementing Detection-as-Code with Elastic as the SIEM, GitHub for development and CI/CD, and Tines for alert handling, stressing that a working example is what bridges the gap between theory and practice. The implementation covers configuring Elastic SIEM, developing custom rules, using GitHub Actions to test and deploy those rules automatically, and managing the resulting alerts as GitHub Issues so that they integrate with existing development workflows. Beyond making rule management more efficient, the approach makes it easier to track and modify rules over time, which helps reduce false positives and keeps detections relevant.