We heard your feedback and are happy to introduce PowerShell sample for Microsoft Graph Security API. This sample enables IT pros to leverage the Microsoft Graph Security API to build applications by making HTTPS REST API requests to the Microsoft Graph Security API from PowerShell. The Microsoft Graph Security API connects multiple security solutions to enable easier correlation of alerts, provide access to rich contextual information, and simplify automation. This empowers organizations to quickly gain insights and take actions across their security products, while reducing the cost and complexity of building and maintaining multiple integrations. For further details on integrating with the Microsoft Graph Security API, learn about the API and access the schema.
You can download this sample from the security-api-solutions GitHub repository, along with step-by-step instructions. Please note that this sample is intended to demonstrate Microsoft Graph Security API capabilities; it is not supported and not intended for production use.
The following features are showcased in this sample.
The first step to running the sample is to authenticate with the Microsoft Graph Security service. You will be prompted to specify your user principal name and issued a token that will last for an hour after successful authentication.Authentication - Enter user principal name
Authentication - Sign inGet Alerts
You can get top alerts as well as alerts by ID in this sample as illustrated below. You can extend this sample to other limitless possibilities like getting high severity alerts - “https://graph.microsoft.com/v1.0/security/alerts?$filter=Severity eq ‘High’” or get your top or most recent SecureScore – “https://graph.microsoft.com/beta/security/securescores?$top=1” and so on.Get Alerts
You can also update an alert by providing a well formatted JSON and alert ID as illustrated below. Update Alert
Try out the new Microsoft Graph Security API PowerShell sample and provide your feedback by filing a GitHub issue or by engaging on the Using Microsoft Security Graph API tech community or StackOverflow. Feel free to contribute to these samples as well per the contributing guidelines.