Share via

MS Graph API for Defender - MEM/Intune "Security Task"

Ventus 1 Reputation point
2021-04-27T10:28:44.953+00:00

I am working on automation of creation of tickets in external ticketing system, when a security analysts requires remediation from administrators. Defender ATP offers a way to create a security task for sysadmins based on the recommendations provided by Msft, by providing remediation request and selecting "Open ticket in Microsoft Endpoint Manager (for AAD joined devices)". Then 'security task' lands in Intune/MEM (https://endpoint.microsoft.com/#blade/Microsoft_Intune_Workflows/SecurityManagementMenu/securityTasks/defaultId/securityTasks). Is there a way to call the list via Graph API (or some other), so I could call ticketing tool to create a record?
I do not see these objects documented in Graph API repository.

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
12,236 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,182 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Deva-MSFT 2,266 Reputation points Microsoft Employee
    2021-04-29T11:01:43.673+00:00

    The closest one i remember is that following doc which talks about Microsoft Graph API for security.

    0 comments
  2. Thomas Kurth 91 Reputation points MVP
    2021-11-24T22:09:47.103+00:00

    @Deva-MSFT there is no solution on this page. It would really be helpful to have ways to ingest these task into a ticketing tool.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.