Security solution integrations using the Microsoft Graph Security API

You can connect with the Microsoft Graph Security API using any of the following options. These options enable you to work with data in a unified format across supported Microsoft and partner security providers through a single integration:

  • Use the supported integration options: Refer to the list of supported integration options such as writing code to directly connect your application to derive rich insights.
  • Use native integrations and connectors built by Microsoft partners: Refer to the Microsoft Graph Security API partner solutions to use these integrations.
  • Use connectors built by Microsoft: Refer to the list of connectors that you can use to connect with the API through a variety of solutions for Security Incident and Management (SIEM), Security Response and Orchestration (SOAR), Incident Tracking and Service Management (ITSM), reporting, and so on.

List of connectors from Microsoft

Solution type Name Connector Announcement
SIEM Splunk Enterprise and Splunk Cloud Microsoft Graph Security API Add-On for Splunk Blog post
Splunk on Cloud blog post
SIEM QRadar Microsoft Graph Security API Protocol and supported QRadar DSMs -
ITSM ServiceNow Microsoft Graph Security API alert ingestion integration -
SOAR Azure Logic Apps / Microsoft Flow Microsoft Graph Security connector for Azure Logic Apps, Microsoft Flow and Power Apps Blog post
Automation PowerShell module Microsoft Graph Security PowerShell Module Blog post
Reporting Power BI Microsoft Graph Security connector for Power BI Blog post

If you would like to support native integrations in your solution or be a data provider for the Microsoft Graph Security API, review the partnership opportunities.