ATP and scanning Links

Hey Deleted,

I am not fully sure I follow your ask. Or at least I think I do, but with how the software works, a "pre scan" would not violate your security/propriataryness anymore than how the software works.

Let me speak to the experience using ATP so you get an understanding of the software, and that may help to answer your question.

When you get a hyperlink that is enclosed in an email to a user account that has ATP running, the hyperlink still appears in the email itself. However if you were to hover over the link, you would actually see it re-directs to a protection.outlook.com address.

The reason it does not "click a link beforehand" is that it would be inefficient and easily by-passable as bad actors could easily just change a malicious link later on to bypass that system. Instead, anytime a user clicks on a link that has been sent through email that had ATP turns on, it instead re-directs them to a secure microsoft site, that opens the URL on the back end.

Assuming everything checks out (IE there is no malicious code there) it then merges the connection and you are on your way.
If when it opens the link on their back end, their system detects malicious code/malware/viruses/etc, it will terminate the connection, and tell you it will no open the connection because of malicious code.

Microsoft does not care at all about what is in the link/what it says/etc. They only care if there is actively bad code/attacks that come from that address. If the answer to that is no, you go on about your day like normal. If it is yes, it protects your users, and does so in real time as to always have that protect, not just on the initial scan.

Hopefully this helps to address your concerns/or at least give you the information you need.

Adam