Cybersecurity is one of the hottest areas in tech. Gartner forecasts worldwide information security spending to exceed $124B** by the end of 2019. As attackers continue to find ways to breach systems, the market for security solutions is growing at a rapid pace with many new entrants and innovative solutions. 

We need your help solving one of the biggest challenges facing security professionals today – connecting this diverse ecosystem of security solutions to improve the speed and accuracy of cyber defenses. Today, most organizations use dozens of different security products - some focused-on device or user security, others on protecting data and apps, along with tools to help manage risks and investigate attacks. But these products don't often work well together, and it’s up to an organization to try to stitch everything together. This takes time, resources, and frankly just isn't that effective (we've all seen the headlines about yet another breach!).

You have the opportunity to directly solve that challenge with the Microsoft Graph Security API. The Graph Security API is a unified REST endpoint that makes it easy to access and act on security insights from an ecosystem of connected security solutions. The possibilities are endless - see the inspiration and other resources to help you get started.

**Gartner Press Release, Gartner Forecasts Worldwide Information Security Spending to Exceed $124 Billion in 2019, August 15, 2018, Table 1.


NEW - Office Hours: Join the February Office Hours call on Wednesday, 2/13 from 8am-9am PST 

The monthly office hours conference call is to:

  • answer any questions Hackathon participants may have
  • to discuss any Hackathon scenarios / challenges participants are facing
  • share any general updates pertaining to the Hackathon

This is open to all Hackathon participants and the Hackathon manager team will also join in to guide and help. The office hours will happen on the 2nd Wednesday of each month for the Hackathon duration.

Add to Calendar


  • Individuals, and teams of individuals, who have reached the age of majority in their jurisdiction of residence at the time of entry
  • Organizations that, at the time of entry, have been duly organized or incorporated and validly exist.
  • The competition will welcome submitters from around the globe. However, individuals or organizations may be disqualified if they are based in a nation, state, province, or territory where U.S. or local law prohibits participating in the competition or receiving a prize. This includes individuals, who are residents of, and organizations domiciled in Brazil, Quebec, Cuba, Sudan, Iran, North Korea, Syria, Region of Crimea and any other country designated by the United States Treasury's Office of Foreign Assets Control.
  • Employees of Microsoft, Devpost, and contractors currently under contract work for Microsoft or Devpost are not eligible.


Main Requirement: Build or update a functioning Microsoft Graph-powered solution that leverages the Microsoft Graph Security API. Your solution must use the Microsoft Graph security/alerts or security/securescore entities.

Those solutions that incorporate use of other Graph services (users, groups, mail, messages, etc.) in addition to the security entities will get extra credit in judging!   

Additional submission requirements:

  • Submit a demo video (hosted on YouTube, Vimeo). Your video should include a demo of your working application via a step-by-step visual demo.
  • Please submit at least one image/screenshot of your application.
  • Provide a way to access your working application for judging and testing.

Hackathon Sponsors


$15,000 in prizes

First Place

• $10,000 USD cash prize
• Speaking opportunity at Microsoft Build 2019
• Promotion via Microsoft blog posts

Runner Up

• $3,000 USD cash prize
• Promotion via Microsoft blog posts

Popular Choice

• $2,000 USD cash prize
• Promotion via Microsoft blog posts

Devpost Achievements

Submitting to this hackathon could earn you:

How to enter

  1. Register for the hackathon on Devpost.
  2. Learn about the Graph Security API in the Resources tab to get started.
  3. Find a teammate (optional) by reaching out to other developers on the Participants tab.
  4. Follow the guidance in the Resources tab to either use our demo tenant or follow the steps to acquire your own tenant to build and test your application.
  5. Shoot your demo video and take screenshots of your functioning application. Enumerate use cases to clearly call out value proposition of your application.
  6. Provide a way to access your project for judging and testing, including a link to your repo hosting the application’s code, and any other deployment files and instructions needed. This can be on a code repository service, an attached file, or a shared folder. If your share or repository is private, share access with Ensure your code compiles fine and works as expected before sharing!
  7. Submit your application on by March 1st, 2019 for consideration in the hackathon!


Ann Johnson

Ann Johnson
CVP, Cybersecurity Solutions Group, Microsoft

Rick Howard

Rick Howard
Chief Security Officer, Palo Alto Networks

Scott Hanselman

Scott Hanselman
Partner Program Manager, Microsoft

Mark Russinovich

Mark Russinovich
CTO of Azure, Microsoft

Troy Hunt

Troy Hunt
Microsoft MVP - Developer Security

Olli Vanhoja

Olli Vanhoja
Head of Security, ZEIT

Judging Criteria

  • Quality of the Idea
    Indicates creativity, originality, and the potential to significantly improve organizational security.
  • Value to Enterprise
    Demonstrates usefulness to an enterprise, for example by streamlining or automating security operations, reducing threat detection and response times, or improving the effectiveness of existing security tools.
  • Technical Implementation
    Includes how well the idea was executed by the developer, including the user experience, the complexity of the scenarios, use of additional Graph entities or data or other APIs, and whether it performs as expected.

Questions? Email the hackathon manager

Tell your friends

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.