Simplify integration of Microsoft and partner security solutions with the Microsoft Graph Security API. The security API empowers customers and partners to build on the intelligent security graph.
· Unify and standardize alert management—Correlate alerts across security solutions more easily with a common alert schema. Write code once to integrate alerts from any graph-supported security solution. Easily stream high volumes of alerts to a SIEM through Security API integration with Azure Monitor.
· Unlock security context to drive investigation—Dive deep into related entities (like users, hosts, apps, and others) and add organizational context from other Microsoft Graph providers, including Azure Active Directory, Microsoft Intune, Office 365, and more.
· Automate SecOps for greater efficiency—Build and execute investigation and remediation runbooks, automate security policy checks and rule enforcement, and orchestrate actions across security solutions.
Source: Azure Roadmap