hostReputation resource type
Namespace: microsoft.graph.security
Note
The Microsoft Graph API for Microsoft Defender Threat Intelligence requires an active Defender Threat Intelligence Portal license and API add-on license for the tenant.
Represents the reputation of a host based on a series of rules. This score helps users quickly understand any detected ties to malicious or suspicious infrastructure when validating the reputation of a known or unknown entity. The platform provides quick information about the activity of these entities (such as first and last seen timestamps or autonomous system details) and a list of rules that affect the reputation score when applicable.
Reputation data is important to understanding the trustworthiness of an attack surface and is also useful when assessing unknown hostnames or IP addresses that appear in investigations. These scores uncover any prior malicious or suspicious activity that affected the entity, or other known indicators of compromise to consider.
Methods
| Method | Return type | Description |
|---|---|---|
| Get hostReputation | microsoft.graph.security.hostReputation | Read the properties and relationships of a microsoft.graph.security.hostReputation object, for a given microsoft.graph.security.host. |
Properties
| Property | Type | Description |
|---|---|---|
| classification | microsoft.graph.security.hostReputationClassification | The calculated reputation of the host. The possible values are: unknown, neutral, suspicious, malicious, unknownFutureValue. |
| id | String | A system-generated ID for this hostReputation. |
| rules | microsoft.graph.security.hostReputationRule collection | A collection of rules that have been used to calculate the classification and score. |
| score | Int32 | The calculated score (0-100) of the requested host. A higher value indicates that this host is more likely to be suspicious or malicious. |
Relationships
None.
JSON representation
The following is a JSON representation of the resource.
{
"@odata.type": "#microsoft.graph.security.hostReputation",
"classification": "String",
"id": "String (identifier)",
"rules": [
{
"@odata.type": "microsoft.graph.security.hostReputationRule"
}
],
"score": "Int32"
}
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for