Query Details
Azure AI Security Finding Report
Query
// Azure AI Security Finding Report ExposureGraphEdges | where TargetNodeCategories[0] == "AI" | where SourceNodeCategories[1] == "security_finding" | extend FindingDate = parse_json(EdgeProperties)["rawData"]["publishedDate"] | extend SecurityRiskLevel = parse_json(EdgeProperties)["rawData"]["risk"]["riskLevel"] | project FindingDate, SecurityRiskLevel, TargetNodeName, SourceNodeName
Explanation
This query is designed to extract specific information from a dataset called ExposureGraphEdges, which contains data about security findings related to AI systems. Here's a breakdown of what the query does:
-
Filter for AI Targets: It selects records where the first category of the target node is "AI", meaning the findings are related to AI systems.
-
Filter for Security Findings: It further filters these records to include only those where the second category of the source node is "security_finding", indicating that the source of the information is a security finding.
-
Extract and Parse Dates and Risk Levels: The query extracts the publication date of the finding and the security risk level from a JSON structure within the
EdgePropertiesfield. -
Select Specific Fields: Finally, it projects (or selects) only the relevant fields to display: the finding date (
FindingDate), the security risk level (SecurityRiskLevel), the name of the target node (TargetNodeName), and the name of the source node (SourceNodeName).
In simple terms, this query is pulling out and displaying the date, risk level, and involved nodes for security findings specifically related to AI systems.
Details
Steven Lim
Released: May 14, 2025
Tables
Keywords
Operators