2. • https://aka.ms/microsoftgraphcall
• Monthly cadence
• Next call: November 6 , 2018
• What’s new & how you can use it
• Meet the product teams behind Microsoft Graph
• Technical deep dives
• Q&A
10. Develop investigation and remediation
playbooks that call Graph Security to
take actions
Automate security policy checks enforce
rules, and orchestrate actions across
security solutions.
Integrate insights about users, hosts,
apps
Add organizational context from other
Microsoft Graph providers (Identity,
Intune, Office, etc.)
Improve visibility into Secure Score for
proactive risk management
Write code once to get alerts from any
Microsoft Graph Security provider
Correlate alerts across security
solutions more easily with a common
alert schema
Keep alert status and assignments in
sync across all solutions
Unified gateway to security insights and actions across Microsoft products, services, and partners
Streamline alert correlation
and management
Simplify orchestration and
automation
Unlock context to inform
security operations
11. Alerts entity is now generally available!
An expanded set of Microsoft plus third-party alert providers
Support for alert updates - alerts can be tagged with additional context or threat intelligence to inform
response and remediation, comments and feedback can be captured for visibility to other workflows, and alert
status and assignments can be kept in sync
More alerts can be streamed to SIEM solutions, like Splunk and IBM QRadar, through Azure Monitor
Microsoft Secure Score is now available in beta – helping customers proactively manage security risk by
providing visibility into their security posture and guidance on how to improve it
New and updated developer resources:
Microsoft Graph SDKs now include support for security alerts.
Updated documentation and code samples in multiple languages help developers get started.
An open source repository with guidelines enables developers to contribute to code samples.
A new whitepaper introduces Microsoft Graph Security.
12. Alerts
Security Profiles
Host | User | File | App | IP
Actions Configurations
MICROSOFT GRAPH SECURITY API
Federates queries, Aggregates Results, Applies Common Schema
Ecosystem
Partners
Threat
Intelligence
Secure Score
13. 13
Onboarding additional Microsoft and ecosystem products
Unlock new security context through Security Profiles
Add automation through Actions and Configuration
Enable customers to bring their own Threat Intelligence to Microsoft
Additional client SDKs and sample code through Microsoft Graph
14.
15. Documentation
Read the documentation
https://aka.ms/graphsecuritydocs
Learn how to stream alerts to your SIEM
https://aka.ms/graphsecuritySIEM
Read the whitepaper:
https://aka.ms/graphsecuritywhitepaper
Code and Contribute
Get started with samples and contribute
https://aka.ms/graphsecurityapicodecontribute
Download the SDKs
https://aka.ms/graphsecuritysdk
Explore in Microsoft Graph
https://developer.microsoft.com/en-
us/graph/graph-explorer
Communities
Join the Tech Community
https://aka.ms/graphsecuritycommunity
Follow the discussion on Stack Overflow
https://stackoverflow.com/questions/tagged/mic
rosoft-graph-security
28. Facebook
looks like
Facebook
All 3rd party
content is
tightly
controlled
Only have to
decorate their
content once
For Users For Content AuthorsFor Host Apps
29. Every template
must be designed,
implemented, and
documented on
every platform
Limited types of
content (articles,
video, airline, etc.)
For Content AuthorsFor Host Apps
42. Generally Available ( /v1.0 ) Preview ( /beta )
Office 365
Exchange (Get MailTips)
OneDrive (Preview, Followed docs)
AAD (Device Configuration)
EMS
Security (Alerts)
Office 365
Exchange (Get free/busy data, Add custom internet headers to
message)
SharePoint (Sharing Links, Followed content, Pages and List Views
API’s)
Dynamics
Business Central (Financials)
EMS
AAD (Risky users, Sign-in, Access review, B2x ext user state)
Teams (Tab creation, Calling, App Context, Provisioning, Classroom
creation)
Security (Secure Score)
Coming by EOY CY18
AAD (Applications)
Exchange (Get MIME content of messages)
Data sets
43. Generally Available ( /v1.0 ) Preview ( /beta )
Delta – return only changed properties for delta query on
Azure AD objects (user and groups)
Webhooks – notifications on user/group is
created/modified/deleted
Microsoft Graph data connect
Delta – query for new entities: apps, servicePrinicipals,
directoryRoles
Ability to delta query base type /directoryObjects and use isOf
filter to select 1 or more derrived types. E.g. use a single DQ to
sync user and group objects
Project Rome (User Notifications)
Coming by EOY CY18
Webhooks – "Rich webhooks" for Microsoft Team "messages" -
the app can now subscribe to receive notifications with the actual
content
Capabilities
44. Generally Available ( /v1.0 ) Preview ( /beta )
.NET – 1.11.0 Nuget package update
PHP – 1.3.3 Composer update
Java – General Availability
Javascript – Core library as a npm package
Typescript Types – npm package. Soon to be available on
DefinitelyTyped also.
Objective C (preview)– Support for core Graph
functionailty
PHP
Typescript Types
.Net – Coming soon
Java – Coming soon
SDKs
SDKs are all OSS on https://github.com/microsoftgraph
45. Responsiveness Flexibility Coverage
Monthly Releases Use only the parts you want
Graph Content
Batch, Multipart, Notifications, Paging,
Delta
Self-serve SDKs Access native HTTP objects
Middleware Pipeline
Auth, Redirect, Retry, Long Running
Operations, Caching
Common Feature Architecture Support more use-cases
Workflow Scenarios
Large File Upload, Mail with Attachment
Tell the s
Whether I realize it or not there are tons of cards in consumers lives.
Let me show you some of those
David: What about scuba?
Matt: well
Matt: As Twitter I can deeply about the experience for my users despite coming from multiple content creators like yourself
David: ok fine
David: How do I get my content on FB?
Matt: we’ve got articles, we’ve got video, websites
David: what about music?
Matt: their similar
David: what about messenger?
Matt: we changed from XML to JSON
David: if I’m Alaska, does my card look exactly like Delta?
Matt: well, no…
Matt: zip up my hoodie and put on hat
Emphasize that the cards always feel natural in the app we are showing
So many opportunities to engage with your customers where they are
Adaptive cards are an open source card exchange format which allows you as developers to embed your content into other applications, letting you reach your users wherever they spend their time. Adaptive cards can be embedded into Microsoft Teams, which we’ll look at later, but also the Windows Timeline, Bots, Cortana and more.
For now, let’s look at how Adaptive Cards can increase my personal productivity with Microsoft Outlook.
Matt first 2
David: At purely declarative make a bitcoin joke
"Self-serve SDKs" - Streamline the generation process so that it is simple to generate the model types for any version of Graph.
"Common Feature Architecture" - Add new features faster by architecting once and implementing in a consistent way across languages.
“Use only the parts you want” – Our SDKs are evolving to a design where you can choose which functionality you want to take advantage of. It should no longer be an all or nothing proposition.
"Support more use-cases" - From highly responsive interactive UIs on mobile devices, to high load pass-through web servers, we want to add value.