Skip to main content

Microsoft Graph Security

Download With Dependencies

Unified gateway to security insights - all from a unified Microsoft Graph Security API.

Microsoft Graph Security

This pack includes XSIAM content.

Use the Microsoft Graph integration to fetch and manage alerts from various Microsoft security sources, such as:

  • Azure ATP
  • Azure Security Center
  • Microsoft CAS
  • Azure Active Directory Identity Protection
  • Azure Sentinel
  • Microsoft Defender for Endpoint (ATP)

What does this pack do?

  • Unify and standardize alert tracking
  • Correlate security alerts to improve threat protection and response
  • Update alert tags, status, and assignments
  • Unlock security context to drive investigation
  • Automate security workflows and reporting
  • Get deep insights to train security solutions

Microsoft Graph Security

This pack includes XSIAM content.

  • Pay attention: Timestamp parsing is available for UTC timezone, using the yyyy-mm-ssTHH:MM:SS.3msZ format.

Use the Microsoft Graph integration to fetch and manage alerts from various Microsoft security sources, such as:

  • Microsoft 365 Defender unified alerts API
  • Microsoft Defender for Endpoint
  • Microsoft Defender for Office 365
  • Microsoft Defender for Identity
  • Microsoft Defender for Cloud Apps
  • Microsoft Purview Data Loss Prevention (including any future new signals integrated into M365D).

What does this pack do?

  • This content XDM mappings are based on the Office 365 integration, in the Graph API section enable alertv2 Doc.
  • Unify and standardize alert tracking
  • Correlate security alerts to improve threat protection and response
  • Update alert tags, status, and assignments
  • Unlock security context to drive investigation
  • Automate security workflows and reporting
  • Get deep insights to train security solutions

PUBLISHER

Cortex

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

CertificationRead more
Supported ByCortex
CreatedAugust 25, 2020
Last ReleaseMay 16, 2024
WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER
Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.