Leverage Security API to access MCAS alert info
Currently, we can query the Graph Security API to get MCAS alerts but the info is limited. The Description contains the file name but there's no other file information. We have to use the MCAS powershell module to get file info such as file path, Collaborators, sharing status and the Sensitive info type that triggered. All of this info is available through the MCAS alert console. It would be nice to be able to get that additional information from Graph.
We're trying to build a report of all alerts with all file and other data available and Powershell ends up taking hours to run in a company of 25,000 users. I'm open to any other methods as well to get that data. We tried connecting Power BI to the Security graph api but it only has the same limited file information, not all of it. Thanks!