Inspiration

The inspiration came from connecting the Security Graph API, together with all Microsoft products, to the Analytics platform. The aim is to build applied intelligence with as many SOC KPIs as possible, to bring efficiency to handling the events and alerts generated by the Microsoft platform.

What it does

It generates a dashboard view for any enterprise hosting the Microsoft platform of products and other third-party vendors. It uses the alert intelligence to correlate and give a proper end-to-end view of users, hosts, profiles, threats and vulnerabilities.

How I built it

Used an Azure tenant to connect with the Analytics platform and generate the dashboard view.

Challenges I ran into

Integration with the Analytics platform, as a lot of data translation happened.

Accomplishments that I'm proud of

The team was able to generate the final KPI outcomes from the alerts that came through from the Security Graph API JSON file.

What I learned

We learnt that, using the Security Graph API, we could connect not only internal alert intelligence but also an external threat intelligence solution, and provide an end-to-end risk review of threats, vulnerabilities, users, accounts, profiles and hosts.

What's next for Applied Intelligence through Security Graph API

We are looking next to build this into a SOC metrics utility and integrate it with a managed security services component.