security resource type
Namespace: microsoft.graph
Important
APIs under the /beta version in Microsoft Graph are subject to change. Use of these APIs in production applications is not supported. To determine whether an API is available in v1.0, use the Version selector.
Connects Microsoft security products, services, and partners to streamline security operations and improve threat protection, detection, and response capabilities.
Methods
| Method | Return type | Description |
|---|---|---|
| Run hunting query | microsoft.graph.security.huntingQueryResults | Queries a specified set of event, activity, or entity data supported by Microsoft 365 Defender to proactively look for specific threats in your environment. |
Properties
None.
Relationships
| Relationship | Type | Description |
|---|---|---|
| alerts | alert collection | Notifications for suspicious or potential security issues in a customer’s tenant. |
| alerts_v2 | microsoft.graph.security.alert collection | A collection of alerts in Microsoft 365 Defender. |
| attackSimulation | attackSimulationRoot | Provides tenants capability to launch a simulated and realistic phishing attack and learn from it. |
| collaboration | microsoft.graph.security.collaborationRoot | Enables read and other actions on collaborative entities in Microsoft Defender. |
| identities | microsoft.graph.security.identityContainer | A container for security identities APIs. |
| incidents | microsoft.graph.security.incident collection | A collection of incidents in Microsoft 365 Defender, each of which is a set of correlated alerts and associated metadata that reflects the story of an attack. |
| partner | microsoft.graph.partner.security.partnerSecurity | A container that safeguards the Microsoft Azure resources of Microsoft Cloud Solution Provider (CSP) partners’ customers, including alerts, scores, and all aspects of security. |
| secureScores | secureScore collection | Measurements of tenants’ security posture to help protect them from threats. |
| securityactions | securityAction collection | Actions that respond to alerts to block malicious activities. |
| tiindicators | tiIndicator collection | Threat indicators sent to Microsoft that identify malicious activities. |
| threatSubmission | security.threatSubmission | A threat submission sent to Microsoft; for example, a suspicious email threat, URL threat, or file threat. |
JSON representation
The following JSON representation shows the resource type.
{
"@odata.type": "#microsoft.graph.security"
}