Apr 18 2020 04:45 AM
Hi,
I'm looking for Microsoft.SecurityInsights Api documentation for fetching incidents and alerts. I think its preview. Any advice would be appreciated.
Best
Jasmine
Apr 28 2020 10:21 AM - edited Apr 28 2020 10:26 AM
SolutionHi @jojo_the_coder, by Security Insights API, are you referring to Graph Security API? If so, then please refer to this documentation. Please note, the Graph Security API returns alerts, and the alerts are provided onboard Microsoft security providers such as MCAS, Azure Sentinel, Microsoft Defender ATP, etc. The alerts can be from an incident provided by Azure Sentinel. However, it doesn't surface the incident itself.
Apr 28 2020 10:21 AM - edited Apr 28 2020 10:26 AM
SolutionHi @jojo_the_coder, by Security Insights API, are you referring to Graph Security API? If so, then please refer to this documentation. Please note, the Graph Security API returns alerts, and the alerts are provided onboard Microsoft security providers such as MCAS, Azure Sentinel, Microsoft Defender ATP, etc. The alerts can be from an incident provided by Azure Sentinel. However, it doesn't surface the incident itself.