security resource type

Namespace: microsoft.graph

Important

APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.

Connects Microsoft security products, services, and partners to streamline security operations and improve threat protection, detection, and response capabilities.

Methods

Method Return type Description
Run hunting query microsoft.graph.security.huntingQueryResults Queries a specified set of event, activity, or entity data supported by Microsoft 365 Defender to proactively look for specific threats in your environment.

Properties

None.

Relationships

Relationship Type Description
alerts alert collection Notifications for suspicious or potential security issues in a customer’s tenant.
alerts_v2 microsoft.graph.security.alert collection A collection of alerts in Microsoft 365 Defender.
attackSimulation attackSimulationRoot Provides tenants capability to launch a simulated and realistic phishing attack and learn from it.
collaboration microsoft.graph.security.collaborationRoot Enables read and other actions on collaborative entities in Microsoft Defender.
identities microsoft.graph.security.identityContainer A container for security identities APIs.
incidents microsoft.graph.security.incident collection A collection of incidents in Microsoft 365 Defender, each of which is a set of correlated alerts and associated metadata that reflects the story of an attack.
partner microsoft.graph.partner.security.partnerSecurity A container that safeguards the Microsoft Azure resources of Microsoft Cloud Solution Provider (CSP) partners’ customers, including alerts, scores, and all aspects of security.
secureScores secureScore collection Measurements of tenants’ security posture to help protect them from threats.
securityactions securityAction collection Actions that respond to alerts to block malicious activities.
tiindicators tiIndicator collection Threat indicators sent to Microsoft that identify malicious activities.
threatSubmission security.threatSubmission A threat submission sent to Microsoft; for example, a suspicious email threat, URL threat, or file threat.

JSON representation

The following JSON representation shows the resource type.

{
  "@odata.type": "#microsoft.graph.security"
}