Mindflow integrates Microsoft Graph Security so that users can automate their incident management and better protect their information systems.
The Microsoft Graph Security API is a broker providing a unified programmatic interface to connect to Microsoft Graph Security providers. You can use the Microsoft Graph Security API to connect Microsoft security products, services, and partners to streamline security operations and improve threat protection, detection, and response capabilities.
Connection to the Microsoft Graph Security API includes the following entities, opening the path to numerous use cases.
Alerts are potential security issues within your tenant that Microsoft or partner security solutions have identified and flagged for action or notification. With Graph Security, you can correlate alerts and context to improve threat protection and response. You can unify and streamline the management of security issues across all integrated solutions.
Regarding information protection, Microsoft Graph Security includes a threat assessment API that helps you assess threats received in your tenant. You can report spam emails, phishing URLs, or malware attachments to Microsoft. Policy checks and rescan results help your tenant administrator understand the threat scanning verdict and adjust your organizational policy.
Microsoft Secure Score is a security analytics solution that gives you visibility into your security portfolio and paths to improve it. You can compare your score with peers and see how it has been trending over time.
Unify and standardize alert tracking: Connect to integrate alerts from any Microsoft Graph-integrated security solution and sync alert status across all solutions. Stream alerts to Mindflow through the API.
Correlate security alerts to improve threat protection and response: Correlate alerts across security solutions with a unified alert schema, so that security analysts can pivot and enrich alerts with asset and user information.
Unlock security context to drive investigation: Dive deep into related security-relevant inventory (like users, hosts, and apps), and add organizational context from other Microsoft Graph providers (Azure AD, Microsoft Intune, Microsoft 365).