New options in Defender for Endpoint web filtering

image

A nice new option I just noticed in Defender for Endpoint web filtering. As shown above, you can now block users navigating to newly registered domains and parked domains that can be used for phishing attacks.

To set this, navigate to Settings, the under Rules select Web content filtering and create or adjust a policy to include all the Uncategorized options as shown above.

6 thoughts on “New options in Defender for Endpoint web filtering

  1. Cool feature
    Do we have a list of the lists Microsoft Used for the reputation/categorization of sites/URLs
    Thanks

    Like

    1. This service is provided by a third party – Cyren. You need to go there to determine the specifics but I doubt they will tell as then the bad actors can work around these types of lists.

      Like

  2. Microsoft no longer uses Cyren. They have switched to Incompass from Netstar some time ago. In contrast to Cyren it is less obvious what the lists are that Netstar maintains.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s