Skip to Content
ReportsMonitoringSecurity AnalyticsSecurity Trends

Security Trends

Analyze security metrics and trends over time across all managed tenants. Track threat volumes, incident rates, vulnerability counts, and security score changes.

Overview

The Security Trends report provides time-series analysis of key security metrics across your Microsoft 365 environment. Use this data to identify improving or deteriorating security areas, plan resource allocation, and report on security program effectiveness to stakeholders.

Trend Categories

  • Phishing volume — Number of phishing attempts over time
  • Malware detections — Malware caught by Defender over time
  • Blocked attacks — Total threats prevented by security controls
  • User-reported threats — Threats reported by end users
  • Incident volume — Number of security incidents over time
  • Severity distribution — How incident severity is changing
  • Mean time to detect (MTTD) — How quickly threats are identified
  • Mean time to resolve (MTTR) — How quickly incidents are closed
  • Open vulnerabilities — Count of unpatched vulnerabilities over time
  • Critical/High severity — High-priority vulnerabilities trend
  • Patch compliance — Percentage of devices with current patches
  • Mean time to patch — Average time to deploy security updates
  • Secure Score — Microsoft Secure Score trajectory
  • Category scores — Identity, Device, Apps, Data score trends
  • Tenant comparison — How different tenants compare over time

Key Metrics

MetricDescription
Threat Volume ChangePercentage change in threat detections
Incident Resolution RatePercentage of incidents resolved on time
Vulnerability ReductionNet change in open vulnerabilities
Score ImprovementPoint change in Secure Score

Filters

  • Date Range — Last 30, 60, 90, 180 days or custom
  • Trend Category — Threats, Incidents, Vulnerabilities, Score
  • Tenant — All tenants, specific tenant, or tenant groups
  • Severity — Critical, High, Medium, Low

Reporting

Use trend data for:

  1. Monthly security review presentations
  2. Quarterly business reviews with clients
  3. Board-level security posture reports
  4. Compliance audit evidence
  5. Security program ROI analysis

API Reference

  • GET /api/monitoring/security-analytics/trends — Get security trend data
  • GET /api/monitoring/security-analytics/trends/threats — Get threat trends
  • GET /api/monitoring/security-analytics/trends/incidents — Get incident trends
  • POST /api/monitoring/security-analytics/trends/export — Export trend data
Last updated on
Security PostureMonitoring