diff --git a/Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.py b/Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.py
index 29ff8e09ff6..978e4d2e4ab 100644
--- a/Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.py
+++ b/Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.py
@@ -125,7 +125,7 @@ def fetch_incidents(client: MsGraphClient, fetch_time: str, fetch_limit: int, fi
     time_to = datetime.now().strftime(timestamp_format)
 
     # Get incidents from MS Graph Security
-    demisto.debug(f'Fetching MS Graph Security incidents. From: {time_from}. To: {time_to}\n')
+    demisto.debug(f'Fetching MS Graph Security incidents. From: {time_from}. To: {time_to}. Filter: {filter_query}')
     incidents = client.search_alerts(last_modified=None, severity=None, category=None, vendor=None, time_from=time_from,
                                      time_to=time_to, filter_query=filter_query)['value']
 
@@ -148,8 +148,6 @@ def fetch_incidents(client: MsGraphClient, fetch_time: str, fetch_limit: int, fi
             last_incident_time = demisto_incidents[-1].get('occurred')
             new_last_run.update({'time': last_incident_time})
 
-    if not demisto_incidents:
-        new_last_run.update({'time': time_to})
     demisto.setLastRun(new_last_run)
     return demisto_incidents
 
diff --git a/Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml b/Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml
index 1062ea62e80..4c8ae4e8a96 100644
--- a/Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml
+++ b/Packs/MicrosoftGraphSecurity/Integrations/MicrosoftGraphSecurity/MicrosoftGraphSecurity.yml
@@ -319,7 +319,7 @@ script:
     - contextPath: MsGraph.User.Name
       description: User name
       type: string
-  dockerimage: demisto/crypto:1.0.0.11412
+  dockerimage: demisto/crypto:1.0.0.12979
   feed: false
   isfetch: true
   longRunning: false
diff --git a/Packs/MicrosoftGraphSecurity/ReleaseNotes/2_0_5.md b/Packs/MicrosoftGraphSecurity/ReleaseNotes/2_0_5.md
new file mode 100644
index 00000000000..a6f24fee26f
--- /dev/null
+++ b/Packs/MicrosoftGraphSecurity/ReleaseNotes/2_0_5.md
@@ -0,0 +1,5 @@
+
+#### Integrations
+##### Microsoft Graph Security
+- Fixed an issue where alerts were not pulled in the fetch incidents flow.
+- Upgraded the Docker image to demisto/crypto:1.0.0.12979.
\ No newline at end of file
diff --git a/Packs/MicrosoftGraphSecurity/pack_metadata.json b/Packs/MicrosoftGraphSecurity/pack_metadata.json
index 7d88a89c628..da36333db78 100644
--- a/Packs/MicrosoftGraphSecurity/pack_metadata.json
+++ b/Packs/MicrosoftGraphSecurity/pack_metadata.json
@@ -2,7 +2,7 @@
     "name": "Microsoft Graph Security",
     "description": "Unified gateway to security insights - all from a unified Microsoft Graph\n  Security API.",
     "support": "xsoar",
-    "currentVersion": "2.0.4",
+    "currentVersion": "2.0.5",
     "author": "Cortex XSOAR",
     "url": "https://www.paloaltonetworks.com/cortex",
     "email": "",