cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Microsoft Security Tech Accelerator
Dec 06 2023, 07:00 AM - 12:00 PM (PST)
Microsoft Tech Community
Find out more
SOLVED

Office 365 SafeLinks ATP custom URL

Aleksander Pawlak
Brass Contributor

‎May 04 2020 10:56 AM

‎May 04 2020 10:56 AM

Office 365 SafeLinks ATP custom URL

Hello!

I'm looking to build a dynamic script that pulls known-phishing sites from various sources and add these dynamically to SafeLinks policy. I did a bit of research and unfortunately I have found no option to add custom blacklisted URLs onto Office 365 - I can manage the policy settings in general, but I can't find an option that would allow me to automate my own custom URLs and domains. Both Graph API (seemingly unable to manage ATP Safelinks at all) and Powershell (some Safelink management) do not seem to expose this option. 

 

Any help? 

Alex P

2,281 Views
0 Likes
1 Reply
Reply
1 Reply
best response confirmed by Aleksander Pawlak (Brass Contributor)
Joe Stocker

‎May 09 2020 02:10 PM

‎May 09 2020 02:10 PM

Solution

Re: Office 365 SafeLinks ATP custom URL

How about this command?
Set-AtpPolicyForO365 -BlockUrls <MultiValuedProperty>
https://docs.microsoft.com/en-us/powershell/module/exchange/advanced-threat-protection/set-atppolicy...

Keep in mind when you run the command above, it will overwrite any previous values that were in the blocklist, so you need to use the @Add to append.
set-AtpPolicyForO365 -BlockUrls @{add='contoso.com'}

If you wish to automate, you could use Azure Automation Runbook to read phishing sites from various sources, and then run Set-AtpPolicyForO365 to update the block policy.
https://docs.microsoft.com/en-us/azure/automation/learn/automation-tutorial-runbook-textual-powershe...

If this was helpful please click 'Mark as best response.'

-Joe
0 Likes
Reply