SOLVED

How to send notification to email security admins if malicious link is detected by ATP safe links

%3CLINGO-SUB%20id%3D%22lingo-sub-375928%22%20slang%3D%22en-US%22%3EHow%20to%20send%20notification%20to%20email%20security%20admins%20if%20malicious%20link%20is%20detected%20by%20ATP%20safe%20links%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-375928%22%20slang%3D%22en-US%22%3E%3CP%3EHow%20to%20send%20notification%20to%20email%20security%20admins%20if%20malicious%20link%20is%20detected%20by%20ATP%20safe%20links%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-375928%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EExchange%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-376056%22%20slang%3D%22en-US%22%3ERe%3A%20How%20to%20send%20notification%20to%20email%20security%20admins%20if%20malicious%20link%20is%20detected%20by%20ATP%20safe%20link%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-376056%22%20slang%3D%22en-US%22%3EHi%20%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F61448%22%20target%3D%22_blank%22%3E%40Marvin%20Oco%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3EAFAIK%20there%20is%20no%20ability%20to%20send%20an%20email%20to%20admins%20if%20a%20malicious%20link%20is%20detected%20in%20Safe%20Links.%20By%20the%20policy%20you%20can%20block%20URL's%2C%20stop%20users%20clicking%20through%20to%20the%20original%20URL%20but%20not%20actually%20notify%20administrators%20if%2C%20for%20example%2C%20a%20link%20is%20detected.%3CBR%20%2F%3E%3CBR%20%2F%3EMay%20be%20worth%20raising%20a%20uservoice%20for%20this%20here%3CBR%20%2F%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Foffice365.uservoice.com%2Fforums%2F289138-office-365-security-compliance%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Foffice365.uservoice.com%2Fforums%2F289138-office-365-security-compliance%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3EThe%20Threat%20protection%20status%20report%20will%20show%20everything%20caught%20on%20safe%20links%20and%20you%20can%20generate%20reports%20in%20the%20Microsoft%20365%20security%20centre%20to%20send%20reports%20on%20a%20weekly%20basis.%3CBR%20%2F%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-gb%2Foffice365%2Fsecuritycompliance%2Fview-reports-for-atp%23threat-protection-status-report%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-gb%2Foffice365%2Fsecuritycompliance%2Fview-reports-for-atp%23threat-protection-status-report%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3EHope%20this%20answers%20your%20question%3CBR%20%2F%3E%3CBR%20%2F%3EBest%2C%20Chris%3C%2FLINGO-BODY%3E
Highlighted
Super Contributor

How to send notification to email security admins if malicious link is detected by ATP safe links?

1 Reply
Highlighted
Solution
Hi @Marvin Oco

AFAIK there is no ability to send an email to admins if a malicious link is detected in Safe Links. By the policy you can block URL's, stop users clicking through to the original URL but not actually notify administrators if, for example, a link is detected.

May be worth raising a uservoice for this here

https://office365.uservoice.com/forums/289138-office-365-security-compliance

The Threat protection status report will show everything caught on safe links and you can generate reports in the Microsoft 365 security centre to send reports on a weekly basis.

https://docs.microsoft.com/en-gb/office365/securitycompliance/view-reports-for-atp#threat-protection...

Hope this answers your question

Best, Chris