A nice new option I just noticed in Defender for Endpoint web filtering. As shown above, you can now block users navigating to newly registered domains and parked domains that can be used for phishing attacks.
To set this, navigate to Settings, the under Rules select Web content filtering and create or adjust a policy to include all the Uncategorized options as shown above.
6 thoughts on “New options in Defender for Endpoint web filtering”
Do we have a list of the lists Microsoft Used for the reputation/categorization of sites/URLs
This service is provided by a third party – Cyren. You need to go there to determine the specifics but I doubt they will tell as then the bad actors can work around these types of lists.
Microsoft no longer uses Cyren. They have switched to Incompass from Netstar some time ago. In contrast to Cyren it is less obvious what the lists are that Netstar maintains.
Is there any documentation on that fact?
it is still not documented that well (probably because it is still preview?), but you can find several threads on this.
I pasted one above.
Thanks a lot Guys