Microsoft Defender
      Back to home
      1. Sittadel Knowledge Base
      2. Management Guides
      3. Microsoft Defender

      Defender for Office 365 Email URL Allowance

      This guide will show an administrator how to create a URL whitelisting for a link that has been falsely quarantined due to policy.

      Role Requirements

      Procedure Scope: Administrators

      Required Group Membership: Admin.Security

      Handbook Reference

      Package: TBD

      Domain: TBD

      Modifies: TBD

      Defender Email URL Allowance

      1. If an email is captured in Quarantine due to detected malware related to URL or File Attachments but you know that the source is reputable, gather the embedded link or file for the next step.
      2. Navigate to the URL Submission – Microsoft Defender, select Submit to Microsoft for Analysis.
      3. A pop-up will be generated asking details pertaining to the URL, the hyperlink itself as well as if it was registered as a false positive or false negative. In our case we have had a URL mistakenly blocked and need it to be whitelisted instead. Select Submit once all of the items have been configured.
      4. A finalization prompt will be displayed showing that the items have been submitted for review. Select Done to proceed.

      Need Assistance?

      Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.