Microsoft Graph Security API Sample for ASP.NET 4.6 (REST)

Table of contents

Introduction

There are three sample projects to get you started using the Microsoft Graph Security API.

Sample project V1.0

Sample project V1.0 creates a very basic web User Interface (aka UI) that demonstrates using Microsoft Graph Security API to:

• Build and submit queries to retrieve alerts
• Update the lifecycle fields (e.g. status, feedback, comments, etc.) of an alert
• Subscribe to Alert notifications (based on a filtered query) as well as a sample listener for Alert notifications. 

This project uses an SDK generated by the Microsoft Graph to interact with the Microsoft Graph API.

> Note: you can also directly use REST queries to interact with the Graph Security API service

Sample project V2.0

Sample project V2.0 creates an Advanced version of the V1.0 UI, including a 'Dashboard ribbon' that displays a statistical view of alerts (e.g. Users at risk, i.e. with the most severity alerts, etc.), that demonstrates using Microsoft Graph Security API to:

• Retrieve the customer organization's Secure score and Secure score control profiles
    > In addition to functionality of V1.0 (listed below)
• Build and submit queries to retrieve alerts
• Update the lifecycle fields (e.g. status, feedback, comments, etc.) of an alert
• Subscribe to Alert notifications (based on a filtered query) as well as a sample listener for Alert notifications. 

The advanced UI allows clicking on virtually any property to generate a filtered query for that property value, enabling an intuitive 'point and click' investigation experience.

> Note: V2.0 uses an SDK generated by Microsoft Graph to call the Microsoft Graph Security API for alerts and subscriptions,
 and REST calls for Secure score and Secure score control profiles (as these are still in Beta).

Sample project V3.0

Sample project V3.0 creates a more Advanced version of the V2.0 UI, which uses an angular server and can be directly used as a tool for investigation purposes by analysts, It demonstrates using Microsoft Graph Security API to:

• Create security actions (Eg: Block IP) and retrieve them 
• Provides capability to do advanced filtering on the UI for alerts, secure score, security actions and subscriptions
    > In addition to functionality of V2.0 (listed below)
• Build and submit queries to retrieve alerts
• Update the lifecycle fields (e.g. status, feedback, comments, etc.) of an alert
• Retrieve the customer organization's Secure score and Secure score control profiles
• Subscribe to Alert notifications (based on a filtered query) as well as a sample listener for Alert notifications. 

Questions and comments

We'd love to get your feedback about this sample! Please send us your questions and suggestions in the Issues section of this repository.

Your feedback is important to us. Connect with us on Stack Overflow. Tag your questions with [MicrosoftGraph].

Contributing

If you'd like to contribute to this sample, see CONTRIBUTING.md.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact opencode@microsoft.com with any additional questions or comments.

Additional resources

Copyright (c) 2018 Microsoft. All rights reserved.