New options in Defender for Endpoint web filtering

directorcia Endpoint Manager, Microsoft 365 April 27, 2021 1 Minute

A nice new option I just noticed in Defender for Endpoint web filtering. As shown above, you can now block users navigating to newly registered domains and parked domains that can be used for phishing attacks.

To set this, navigate to Settings, the under Rules select Web content filtering and create or adjust a policy to include all the Uncategorized options as shown above.

Tagged
Security

Published by directorcia

View all posts by directorcia

Published April 27, 2021

6 thoughts on “New options in Defender for Endpoint web filtering”

Christophe Humbert says:

April 27, 2021 at 4:55 pm

Cool feature
Do we have a list of the lists Microsoft Used for the reputation/categorization of sites/URLs
Thanks

LikeLike

Reply
1. directorcia says:
  
  April 27, 2021 at 5:05 pm
  
  This service is provided by a third party – Cyren. You need to go there to determine the specifics but I doubt they will tell as then the bad actors can work around these types of lists.
  
  LikeLike
  
  Reply
Frenkel says:

May 6, 2021 at 1:52 am

Microsoft no longer uses Cyren. They have switched to Incompass from Netstar some time ago. In contrast to Cyren it is less obvious what the lists are that Netstar maintains.

LikeLike

Reply
1. directorcia says:
  
  May 6, 2021 at 7:19 am
  
  Is there any documentation on that fact?
  
  LikeLike
  
  Reply
  1. Frenkel says:
    
    May 7, 2021 at 1:45 am
    
    https://is.gd/ozMyza
    
    it is still not documented that well (probably because it is still preview?), but you can find several threads on this.
    I pasted one above.
    
    LikeLike
Christophe Humbert says:

May 7, 2021 at 2:34 am

Thanks a lot Guys

LikeLike

Reply