Default Policy

Configuration Type: Threat

https://graph.microsoft.com/v1.0/schemas/security_threats

Documentation: None

Microsoft Docs
JSON Template
{
  "alertPolicies": [
    {
      "activity": "Detected malware in an email message",
      "category": "Threat management",
      "description": "Alert for detected malware in email messages.",
      "enabled": true,
      "mailDirection": "Inbound",
      "name": "Malware Detection Alert",
      "recipientTags": [
        "Priority account"
      ],
      "severity": "High"
    },
    {
      "activity": "Phishing email detected at time of delivery",
      "category": "Threat management",
      "description": "Alert for phishing emails detected at time of delivery.",
      "enabled": true,
      "mailDirection": "Inbound",
      "name": "Phishing Detection Alert",
      "recipientTags": [
        "Priority account"
      ],
      "severity": "High"
    }
  ],
  "priorityAccountProtection": true,
  "priorityAccounts": [
    "CEO",
    "CISO",
    "CFO",
    "IT Admin"
  ]
}
JSON Preview
JSON Schema
Property Accepted Values
Loading schema properties...