Security Reports

Comprehensive security reporting across your Microsoft 365 environment. Monitor threats, track incidents, analyze vulnerabilities, and measure security posture improvement over time across all managed tenants.

Report Categories

Threat Reports

Active threats, malware detections, phishing attempts, and compromised accounts across all tenants.

  • Malware detection summary
  • Phishing campaign analysis
  • Compromised user accounts
  • Threat actor activity

Incident Reports

Security incidents from Microsoft Defender, their status, severity, and resolution timeline.

  • Active incidents by severity
  • Mean time to resolve (MTTR)
  • Incident trends over time
  • Cross-tenant incident correlation

Vulnerability Reports

Software vulnerabilities discovered across managed devices, with CVE details and remediation status.

  • Critical vulnerabilities
  • Exposed devices by CVE
  • Patch compliance status
  • Vulnerability age analysis

Secure Score Reports

Security posture tracking with score history, improvement trends, and benchmark comparisons.

  • Score trends over time
  • Category breakdown
  • Tenant comparisons
  • Industry benchmarks

Threat Summary

  • Active Threats: 47 (Last 24 hours)
  • Blocked Attacks: 156 (Last 7 days)
  • Open Incidents: 12 (Requiring action)
  • Threats Contained: 94% (Auto-remediated)

Threat Type        Count    Blocked         Tenants Affected
Malware            234      229 (98%)       18
Phishing           1,456    1,423 (98%)     45
Ransomware         3        3 (100%)        2
Credential Theft   89       76 (85%)        12

Incident Analysis

Incidents by Severity

  • Critical: 3 (Immediate action)
  • High: 12 (Action required)
  • Medium: 28 (Review needed)
  • Low/Info: 156 (Monitored)

Resolution Metrics

  • Mean Time to Detect: 4.2 min (↓ 15% from last month)
  • Mean Time to Respond: 18 min (↓ 22% from last month)
  • Mean Time to Resolve: 2.4 hrs (↓ 8% from last month)

Vulnerability Overview

By Severity

  • Critical: 45
  • High: 128
  • Medium: 342
  • Low: 567

Top Vulnerable Software

  • Adobe Acrobat Reader: 23 CVEs
  • Google Chrome: 18 CVEs
  • Microsoft Edge: 12 CVEs
  • Java Runtime: 9 CVEs
  • 7-Zip: 4 CVEs

Secure Score Trends

Score Distribution

  • Excellent (80%+): 12 tenants
  • Good (60-79%): 28 tenants
  • Needs Work (40-59%): 15 tenants
  • Critical (<40%): 5 tenants

Category Scores (Average)

  • Identity: 78%
  • Device: 65%
  • Apps: 52%
  • Data: 58%

Report Filters

  • Date Range — Last 24 hours, 7 days, 30 days, 90 days, or custom
  • Tenant — All tenants, specific tenant, or tenant groups
  • Severity — Critical, High, Medium, Low, Informational
  • Category — Threats, Incidents, Vulnerabilities, Score
  • Status — Active, Resolved, Investigating, False Positive

Data Sources

GET /security/alerts — Security alerts

GET /security/incidents — Security incidents

GET /security/secureScores — Secure Score data

GET /security/tiIndicators — Threat indicators

GET /deviceManagement/windowsMalwareInformation — Malware detections

API Reference

GET /api/reports/security/threats

Get threat summary across tenants

GET /api/reports/security/incidents

Get incident analysis report

GET /api/reports/security/vulnerabilities

Get vulnerability overview

GET /api/reports/security/secure-score

Get Secure Score trends

POST /api/reports/security/export

Export security report