Creating Bypass policy at Microsoft 365 (formerly ATP whitelisting)
Comprehensive Whitelisting in Microsoft Defender for Office 365
Safe Links Whitelisting:
- Access Microsoft 365 Defender Portal:
- Navigate to Safe Links:
- Go to Policies & rules > Threat policies > Safe Links.
- Edit Safe Links Policy:
- Select the policy you want to modify and click on Edit policy.
- Do not rewrite URLs:
- In the policy settings, find the section for Do not rewrite the following URLs.
- Click + Add and enter the URLs you want to whitelist.
- Save the changes.
Safe Attachments Whitelisting:
- Navigate to Safe Attachments:
- Go to Policies & rules > Threat policies > Safe Attachments.
- Edit Safe Attachments Policy:
- Select the policy you want to modify and click on Edit policy.
- Enable Bypass:
- In the policy settings, find the section for Bypass.
- Click + Add and enter the email addresses, domains, or IP addresses you want to whitelist.
- Save the changes.
Anti-Spam Policy Whitelisting:
- Navigate to Anti-Spam Policies:
- Go to Policies & rules > Threat policies > Anti-spam.
- Edit Anti-Spam Policy:
- Select the policy you want to modify and click on Edit policy.
- Allowed Domains and Addresses:
- In the anti-spam policy settings, find Allowed domains and addresses.
- Click + Add and enter the domains or email addresses you want to whitelist.
- Save the changes.
Connection Filter Policy Whitelisting:
- Navigate to Connection Filter Policies:
- Go to Policies & rules > Threat policies > Connection filter policy.
- Edit Connection Filter Policy:
- Click on the Default policy (or create a new policy if preferred).
- IP Allow List:
- In the Connection filtering settings, find IP Allow list.
- Click + Add to add the IP address you want to whitelist.
- Save the changes.
Related Articles
Microsoft 365 ATP (Advanced Threat Protection) Whitelisting
In case you are using Microsoft O365 Advanced Threat within your mail environment, there is a possibility that you might experience false clicks and email attachment opens. In order for ThreatCop’s email to function properly, additional rules to ...
Creating a Phishing Simulation Rule in the O365 Admin Center
In order to whitelist Threatcop into your O365 environment you need to follow the below mentioned steps: Go to https://www.microsoft365.com/ Locate the square with dots positioned at the upper-left corner. Proceed to access the Security section ...
Implementing Hash-Based Whitelisting for Ransomware simulation
We can have hash-based whitelisting to allow specific executable files to be downloaded and executed. This method ensures that only files with specified hash values are permitted, providing a more granular control over which executables can run. ...
How will I know my whitelisting has been done correctly?
You can verify the status of your whitelisting by initiating a test campaign. Once the email lands in your inbox, it indicates that your whitelisting has been done correctly.
Things to keep in mind before creating a Campaign Template
Before going to the Dashboard to create a Campaign Template you first need to keep a few things in mind: 1) The Category of your Campaign Template We provide various categories to create campaigns under. If you want to create a campaign related to ...