Questions tagged [microsoft-graph-security]

Microsoft Graph Security refers to a subset of security-specific APIs in Microsoft Graph. Prior to release, it was referred to as the "Intelligent Security Graph". This tag should generally be used in conjunction with the [microsoft-graph] tag.

The Microsoft Graph Security API is a security-specific API connected to Microsoft Graph that provides a standard interface and schema for integrating with security solutions from Microsoft and partners.

It allows for easier integration with security solutions and connects to the business context from other Microsoft Graph entities.

You can use this API to build solutions that authenticate once through Microsoft Graph and make a single API call to access or act on security insights from multiple sources.

28 questions

1 vote, 1 answer

Retrieving the Recommendations using Microsoft Graph Security API in Azure

I am able to retrieve Security Alerts using: https://graph.microsoft.com/beta/security/alerts?$top=1 Now I would like to retrieve the "recommendations" from an Azure tenant. We can see these recommendations in Azure portal -> Security Center ->…
Avinash

1 vote, 2 answers

Connecting alerts and SIEM with Microsoft Graph data

Is there any guidance for integrating my SIEM (security information and event management system) with Microsoft Graph to connect my security alerts with other Microsoft Graph entities?

0 votes, 1 answer

Fetch Microsoft Security Alerts for a specific user

I'm trying to use the Microsoft Graph Security API to fetch security alerts for a specific user. It looks like I should be using the filter parameter. But I can't figure out the property to search on. I can't find the common schema defined…

0 votes, 0 answers

Get 404 "The resource could not be found" when calling /beta/informationprotection/policy/labels

According to the documentation, we may use the following endpoints for fetching sensitivity labels: /me/informationProtection/policy/labels (using delegated permissions) /informationProtection/policy/labels (using application permission. App should…

0 votes, 2 answers

Throttling of Microsoft Graph threat assessment API

I'm starting to use Microsoft Graph threat assessment API to report Phishing Website URL. (Ref: https://learn.microsoft.com/en-us/graph/api/informationprotection-post-threatassessmentrequests?view=graph-rest-1.0&tabs=http) My use-case is automatic…

0 votes, 1 answer

Pulling Azure Security data into Power BI Desktop using Graph Security API: How to set permissions in Azure AD

I'm attempting to connect the Microsoft Graph Security API Connector to Power BI Desktop. Everything seems to work okay until I try to set 'Application' or advanced 'Delegated' authorizations so I can execute GET commands, such as…
dhoegl

0 votes, 1 answer

Ingesting Office 365 Alerts with Graph Security API: Set permissions in Azure AD

I'm trying to help someone to ingest Office 365 Alerts with the Graph Security API. This requires SecurityEvents.ReadAll as minimum permission. The docs mention that the permission setting is done in the Microsoft Graph API Explorer (see e.g. this…
Andreas

0 votes, 1 answer

Unable to update threat intelligence indicator beta endpoint

I have created and pushed an indicator to Microsoft Azure Sentinel. I have checked that I can access it using a GET request with https://graph.microsoft.com/beta/security/tiIndicators/{id} However, when I am trying to update the indicator using PATCH…

0 votes, 1 answer

secureScores endpoint returning None

I am working on Microsoft Graph API (python3). The get_alerts() and get_secure_score_control_profiles() return results but get_secure_score() is returning 'None'. The Azure portal shows Secure Scores but the function returns despite the response…

0 votes, 1 answer

How to get label activity reports (O365 Data Governance) user level and file level programmatically?

I used labels and policies in Data Governance. After I auto-published the label, I see the individual files in OneDrive getting tagged with a label. I need to programmatically check if there are any labels associated with the file and categorize…

0 votes, 2 answers

Creating a Microsoft Graph webhook subscription to security/alerts fails

When I attempt to create a Microsoft Graph webhook subscription to the security/alerts endpoint, the subscription creation fails with a generic message as shown below. Modifying the resource to 'me/messages' results in a successful webhook…
Wes K.

0 votes, 2 answers

Authentication flow Service to Service Microsoft Graph and Bookings API

I am building a custom mobile application that has a client, custom backend server (I'm building) and interacts with numerous other APIs. One of these APIs is Microsoft Bookings. The problem I'm facing is I need to be authenticated via server to…

0 votes, 1 answer

Microsoft Graph Security API Gives 206, Empty `values`

I am trying to retrieve security events and/or alerts from the Microsoft Graph Security API. The end goal is to get EOP events. When I submit the request: GET https://graph.microsoft.com/v1.0/security/alerts I get this: HTTP/1.1 206 Partial…