Forum Discussion
ATP Safe Links - Legitimate OneDrive for Business links and Deep Links
MicrosoftAbhimanyu Singh thanks for reporting the issue. We have not seen specific instance of this issue but thanks for filing the support ticket and we will get it investigated.
Thanks,
Abhishek Agrawal [MSFT]
Abhishek_Agrawal thank you.
The support ticket got closed and the issue was resolved by the back-end team. We had to temporarily whitelist the root URL with wildcards to disable ATP link wrapping to at least get the work going. Once resolved, we removed the whitelist. We also did a submission on root URL in the threat center, but that was marked as "completed" and we don't know what happened behind the submission nor whether that was even worthwhile! The entire process took 3-4 days.
However, it still is a mystery to me as to how in the first place ATP can block the root URL of OneDrive (https://org-my.sharepoint.com) instead of blocking the entire actual URL?
- Was there a risk by whitelisting yourselves that Defender might not block the maliciously embedded site in OneDrive? I agree with you - Defender did a great job protecting you from an internal threat - and then over-compensated by blocking internal legit sharing.
