diff --git a/lib/services/securityManagement/lib/models/alert.js b/lib/services/securityManagement/lib/models/alert.js
index d86a2e8886..0b7b5624ee 100644
--- a/lib/services/securityManagement/lib/models/alert.js
+++ b/lib/services/securityManagement/lib/models/alert.js
@@ -35,7 +35,8 @@ class Alert extends models['Resource'] {
    * incident
    * @property {string} [actionTaken] The action that was taken as a response
    * to the alert (Active, Blocked etc.)
-   * @property {string} [reportedSeverity] Estimated severity of this alert
+   * @property {string} [reportedSeverity] Estimated severity of this alert.
+   * Possible values include: 'Silent', 'Information', 'Low', 'High'
    * @property {string} [compromisedEntity] The entity that the incident
    * happened on
    * @property {string} [associatedResource] Azure resource ID of the
@@ -45,6 +46,8 @@ class Alert extends models['Resource'] {
    * Non-Azure)
    * @property {boolean} [canBeInvestigated] Whether this alert can be
    * investigated with Azure Security Center
+   * @property {boolean} [isIncident] Whether this alert is for incident type
+   * or not (otherwise - single alert)
    * @property {array} [entities] objects that are related to this alerts
    * @property {number} [confidenceScore] level of confidence we have on the
    * alert
@@ -225,6 +228,14 @@ class Alert extends models['Resource'] {
               name: 'Boolean'
             }
           },
+          isIncident: {
+            required: false,
+            readOnly: true,
+            serializedName: 'properties.isIncident',
+            type: {
+              name: 'Boolean'
+            }
+          },
           entities: {
             required: false,
             serializedName: 'properties.entities',
diff --git a/lib/services/securityManagement/lib/models/index.d.ts b/lib/services/securityManagement/lib/models/index.d.ts
index d5220e431b..62842dc33a 100644
--- a/lib/services/securityManagement/lib/models/index.d.ts
+++ b/lib/services/securityManagement/lib/models/index.d.ts
@@ -421,7 +421,8 @@ export interface Alert extends Resource {
   */
   readonly actionTaken?: string;
   /**
-   * Estimated severity of this alert
+   * Estimated severity of this alert. Possible values include: 'Silent', 'Information', 'Low',
+   * 'High'
   */
   readonly reportedSeverity?: string;
   /**
@@ -441,6 +442,10 @@ export interface Alert extends Resource {
    * Whether this alert can be investigated with Azure Security Center
   */
   readonly canBeInvestigated?: boolean;
+  /**
+   * Whether this alert is for incident type or not (otherwise - single alert)
+  */
+  readonly isIncident?: boolean;
   /**
    * objects that are related to this alerts
   */