This guide will show an administrator how to create a URL whitelisting for a link that has been falsely quarantined due to policy.
Role Requirements
Procedure Scope: Administrators
Required Group Membership: Admin.Security
Handbook Reference
Package: TBD
Domain: TBD
Modifies: TBD
Defender Email URL Allowance
- If an email is captured in Quarantine due to detected malware related to URL or File Attachments but you know that the source is reputable, gather the embedded link or file for the next step.
- Navigate to the URL Submission – Microsoft Defender, select Submit to Microsoft for Analysis.
- A pop-up will be generated asking details pertaining to the URL, the hyperlink itself as well as if it was registered as a false positive or false negative. In our case we have had a URL mistakenly blocked and need it to be whitelisted instead. Select Submit once all of the items have been configured.
- A finalization prompt will be displayed showing that the items have been submitted for review. Select Done to proceed.
Need Assistance?
Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.