secureScoreControlProfile resource type

Namespace: microsoft.graph

Represents a tenant's secure score per control data. By default, this resource returns all controls for a tenant and can explicitly pull individual controls.


Method Return Type Description
List secureScoreControlProfiles secureScoreControlProfile Read properties and metadata of a secureScoreControlProfiles object.
Get secureScoreControlProfile securescorecontrolprofile Read properties and metadata of a secureScoreControlProfiles object.
Update securescorecontrolprofile securescorecontrolprofile Update an securescorecontrolprofile object.


Name Type Description
actionType String Control action type (Config, Review, Behavior).
actionUrl String URL to where the control can be actioned.
azureTenantId String GUID string for tenant ID.
complianceInformation complianceInformation collection The collection of compliance information associated with secure score control
controlCategory String Control action category (Identity, Data, Device, Apps, Infrastructure).
controlStateUpdates secureScoreControlStateUpdate collection Flag to indicate where the tenant has marked a control (ignored, thirdParty, reviewed) (supports update).
deprecated Boolean Flag to indicate if a control is depreciated.
id String Provider-generated GUID/unique identifier. Read-only. Required.
implementationCost String Resource cost of implemmentating control (low, moderate, high).
lastModifiedDateTime DateTimeOffset Time at which the control profile entity was last modified. The Timestamp type represents date and time
maxScore Double max attainable score for the control.
rank Int32 Microsoft's stack ranking of control.
remediation String Description of what the control will help remediate.
remediationImpact String Description of the impact on users of the remediation.
service String Service that owns the control (Exchange, Sharepoint, Azure AD).
threats String collection List of threats the control mitigates (accountBreach, dataDeletion, dataExfiltration, dataSpillage,
elevationOfPrivilege, maliciousInsider, passwordCracking, phishingOrWhaling, spoofing).
tier String Control tier (Core, Defense in Depth, Advanced.)
title String Title of the control.
userImpact String User impact of implementing control (low, moderate, high).
vendorInformation securityVendorInformation Complex type containing details about the security product/service vendor, provider, and subprovider (for example, vendor=Microsoft; provider=SecureScore). Required.



JSON representation

The following is a JSON representation of the resource.

  "actionType": "String",
  "actionUrl": "String",
  "azureTenantId": "String",
  "complianceInformation": [{"@odata.type": "microsoft.graph.complianceInformation"}],
  "controlCategory": "String",
  "controlStateUpdates": [{"@odata.type": "microsoft.graph.secureScoreControlStateUpdate"}],
  "deprecated": "Boolean",
  "id": "String (identifier)",
  "implementationCost": "String",
  "lastModifiedDateTime": "String (timestamp)",
  "maxScore": "Double",
  "rank": "Int32",
  "remediation": "String",
  "remediationImpact": "String",
  "service": "String",
  "threats": ["String"],
  "tier": "String",
  "title": "String",
  "userImpact": "String",
  "vendorInformation": {"@odata.type": "microsoft.graph.securityVendorInformation"}