MS Graph API for Defender - MEM/Intune "Security Task"

Ventus 1 Reputation point
2021-04-27T10:28:44.953+00:00

I am working on automation of creation of tickets in external ticketing system, when a security analysts requires remediation from administrators. Defender ATP offers a way to create a security task for sysadmins based on the recommendations provided by Msft, by providing remediation request and selecting "Open ticket in Microsoft Endpoint Manager (for AAD joined devices)". Then 'security task' lands in Intune/MEM (https://endpoint.microsoft.com/#blade/Microsoft_Intune_Workflows/SecurityManagementMenu/securityTasks/defaultId/securityTasks). Is there a way to call the list via Graph API (or some other), so I could call ticketing tool to create a record?
I do not see these objects documented in Graph API repository.

Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
2,084 questions
Microsoft Graph SDK
Microsoft Graph SDK
A Microsoft software developer kit designed to simplify building high-quality, efficient, and resilient applications that access Microsoft Graph.
732 questions
Microsoft Graph Security API
Microsoft Graph Security API
A Microsoft API that provides a unified interface to connect security solutions from multiple Microsoft and third-party providers.
101 questions
No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Deva-MSFT 2,231 Reputation points
    2021-04-29T11:01:43.673+00:00

    The closest one i remember is that following doc which talks about Microsoft Graph API for security.

    No comments

  2. Thomas Kurth 91 Reputation points
    2021-11-24T22:09:47.103+00:00

    @Deva-MSFT there is no solution on this page. It would really be helpful to have ways to ingest these task into a ticketing tool.

    No comments