Security solution integrations using the Microsoft Graph Security API
You can connect with the Microsoft Graph Security API using any of the following options. These options enable you to work with data in a unified format across supported Microsoft and partner security providers through a single integration.
- Directly using the supported integration options – Refer to the list of supported integration options like writing code to directly connect your application to derive rich insights. Leverage samples to get started.
- Use native integrations and connectors built by Microsoft partners – Refer to the Microsoft Graph Security API partner solutions to use these integrations.
- Use connectors built by Microsoft – Refer to the list of connectors that you can use to connect with the API through a variety of solutions for Security Incident and Management (SIEM), Security Response and Orchestration (SOAR), Incident Tracking and Service Management (ITSM), reporting, and so on.
List of connectors from Microsoft
|SIEM||Splunk Enterprise and Splunk Cloud||Microsoft Graph Security API Add-On for Splunk||Blog post
Splunk on Cloud blog post
|SIEM||QRadar||Microsoft Graph Security API Protocol and supported QRadar DSMs||-|
|ITSM||ServiceNow||Microsoft Graph Security API alert ingestion integration||-|
|SOAR||Azure Logic Apps / Microsoft Flow||Microsoft Graph Security connector for Azure Logic Apps, Microsoft Flow and Power Apps||Blog post|
|Automation||PowerShell module||Microsoft Graph Security PowerShell Module||Blog post|
|Reporting||Power BI||Microsoft Graph Security connector for Power BI||Blog post|
Review the partnership opportunities if you would like to support native integrations in your solution or be a data provider for Microsoft Graph Security API.