As you may know, Microsoft Graph Security is the unified way to gather all security signals from the Microsoft Cloud security solutions (Azure, Office 365, on-premises using connector…).

Well, this is now getting better and easier for your security team to get the unified view resulting of these correlation.

You can now use the new Power BI Microsoft Graph Security connector and the sample dashboard (https://aka.ms/graphsecuritypowerbiconnectorsamples) to get an rapid security risk report and overview.

To start using this Power BI dashboard, download and install the Power BI desktop client (https://www.microsoft.com/en-us/download/details.aspx?id=45331) – you need to have the Power BI Desktop February 2019 update (version 2.66.5376.1681); if had it already installed, you need to update it.

Then start Power BI Desktop and get the data from the Graph Security using the Get data\more from the ribbon

image

Search for Microsoft Graph Security or browse the Online Services

image

Then you acknowledge the preview state, and probably check the “Don’t warm me again about this connector” to avoid further notification while this is in preview

image

You select the Graph Security API version to use; at this stage it seems it does not really matter which one you choose

image

Then you sign in to your tenant; you need to have at least Security Reader access role

image

During the first login you will get prompted to grant the appropriate permission to the Graph Security API connector; if you are logging as global administration, it may be a good thing to check the box “Consent on behalf of your organization”.

image

That’s it, you now have the RAW data from the Graph Security and you can select the entity/entities to load

imageimageimage

Then you can use the sample dashboard you may have downloaded earlier (see above) by importing it

imageimage

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.