Microsoft Graph Security

Details
Content
Dependencies
Version History

Unified gateway to security insights - all from a unified Microsoft Graph Security API.

Use the Microsoft Graph integration to fetch and manage alerts from various Microsoft security sources, such as:

Azure ATP
Azure Security Center
Microsoft CAS
Azure Active Directory Identity Protection
Azure Sentinel
Microsoft Defender for Endpoint (ATP)

What does this pack do?

Unify and standardize alert tracking
Correlate security alerts to improve threat protection and response
Update alert tags, status, and assignments
Unlock security context to drive investigation
Automate security workflows and reporting
Get deep insights to train security solutions

Integrations

Name	Description
Microsoft Graph Security	Unified gateway to security insights - all from a unified Microsoft Graph Security API.

Parsing Rules

Name	Description
Microsoft Graph Security Parsing Rules

Modeling Rules

Name	Description
Microsoft Graph Security Modeling Rules

Integrations

Name	Description
Microsoft Graph Security	Unified gateway to security insights - all from a unified Microsoft Graph Security API.

Pack Name	Pack By
Base	By: Cortex XSOAR

2.1.17 - 4935746 (March 30, 2023)

Integrations

Microsoft Graph Security

Updated the Docker image to: demisto/crypto:1.0.0.52480.

Related pull requests:
- 23980

Download

2.1.16 - R4718798 (March 1, 2023)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 24856

Download

2.1.15 - R4646022 (February 19, 2023)

Integrations

Microsoft Graph Security

Improved implementation of the authorization process with the Oproxy server.
Fixed an issue where linter failed due to pylint errors.
Updated the MicrosoftApiModule to better handle the Auth code authorization flow in the supported integrations.

Related pull requests:
- 24261

Download

2.1.12 - 4560457 (February 7, 2023)

Integrations

Microsoft Graph Security

Added support for authentication using Azure Managed Identities.
Updated the Docker image to: demisto/crypto:1.0.0.47103.

Related pull requests:
- 23951

Download

2.1.11 - 4485162 (January 27, 2023)

Integrations

Microsoft Graph Security

This version requires the Base pack to be updated to version 1.31.56 or higher.
Fixed an issue in the parsing of Private Key integration parameter.
Updated the Docker image to: demisto/crypto:1.0.0.45575.

Related pull requests:
- 24130

Download

2.1.10 - 4372591 (January 11, 2023)

Integrations

Microsoft Graph Security

Added the following integration parameters to support credentials fetching object:
Application ID or Client ID
Token or Tenant ID
Key or Client Secret
Certificate Thumbprint
Private Key

Related pull requests:
- 23609

Download

2.1.9 - R4368875 (January 10, 2023)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 23386
- 22664
- 23389
- 23199
- 23281
- 23377
- 23391
- 23396
- 23397
- 23395
- 23224
- 23421
- 23392
- 22714
- 23423
- 23415
- 23420
- 23419
- 23405
- 23408
- 23407
- 23225
- 23365

Download

2.1.8 - 4278710 (December 25, 2022)

Integrations

Microsoft Graph Security

Updated the Docker image to: demisto/crypto:1.0.0.40696.
Fixed an issue in the msg-search-alerts command where the alert's category was not filtered correctly.

Related pull requests:
- 23148

Download

2.1.7 - 4247670 (December 20, 2022)

Integrations

Microsoft Graph Security

Fixed an issue where in some rare cases, commands would fail with a 'NoneType' object is not subscriptable message.

Related pull requests:
- 23140

Download

2.1.6 - 4169624 (December 7, 2022)

Integrations

Microsoft Graph Security

Updated the Docker image to: demisto/crypto:1.0.0.39526.
Change the tests running for the integration.

Related pull requests:
- 22746

Download

2.1.5 - 4112675 (November 28, 2022)

Integrations

Microsoft Graph Security

Fixed an issue where error was raised due to api metrics creation attempt from a script execution.

Related pull requests:
- 22476

Download

2.1.4 - 4092720 (November 23, 2022)

Integrations

Microsoft Graph Security

Documentation and metadata improvements.
Updated the Docker image to: demisto/crypto:1.0.0.36225.

Related pull requests:
- 20831

Download

2.1.3 - 4034921 (November 15, 2022)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 22074

Download

2.1.2 - 4013107 (November 11, 2022)

Integrations

Microsoft Graph Security

Internal code improvements.

Related pull requests:
- 22120

Download

2.1.1 - 3982079 (November 6, 2022)

Integrations

Microsoft Graph Security

Internal code improvements.

Related pull requests:
- 21879

Download

2.1.0 - 3769974 (October 2, 2022)

Changes are not relevant for XSOAR marketplace.

Related pull requests:
- 21461

Download

2.0.20 - 3257461 (July 13, 2022)

Integrations

Microsoft Graph Security

Updated the Docker image to: demisto/crypto:1.0.0.31715.

Related pull requests:
- 20024

Download

2.0.19 - 3056265 (June 8, 2022)

Integrations

Microsoft Graph Security

Updated the Docker image to: demisto/crypto:1.0.0.30286.

Related pull requests:
- 19425

Download

2.0.18 - R2979078 (May 25, 2022)

Integrations

Microsoft Graph Security

Fixed an issue where an empty fetch_limit parameter was not parsed correctly.

Download

2.0.17 - 2813273 (April 25, 2022)

Integrations

Microsoft Graph Security

Updated the Docker image to: demisto/crypto:1.0.0.28507.

Download

PUBLISHER

Cortex

PLATFORMS

Cortex XSOARCortex XSIAM

INFO

Certification	Certified	Read more
Supported By	Cortex
Created	August 25, 2020
Last Release	March 30, 2023

WORKS WITH THE FOLLOWING INTEGRATIONS:

DISCLAIMER

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.