Skip to Content

MC318994: Microsoft Defender for Office 365: Updates to URL Protection Report

Updated May 24, 2022: We have updated the rollout timeline below. Thank you for your patience.

Updated April 21, 2022: We have updated the rollout timeline below. Thank you for your patience.

We are enhancing the URL protection report by including new click actions to the reporting. This message is associated with Microsoft 365 Roadmap ID 88880.

We’re making some updates to the URL protection report to make the report easier to use and give admins more insight. The action view will be updated to include four new action types, including Admin allowed, Admin block, pending scan, and Admin blocked with clickthrough. We’re also consolidating the application view to classify all Office apps (Word, PowerPoint, Excel, OneNote, Visio) as Office rather than individual products.

MC318994: Microsoft Defender for Office 365: Updates to URL Protection Report

When will this happen

  • We will begin rolling this out to standard release customers by the end of March 2022 and we expect to be complete by late April (previously early April).
  • We will begin rolling this out to government customers in early May (previously mid-April) and we expect to be complete by late May (previously mid-May).

How this will affect your organization

1. URL protection report Action view:

  • Previous we only had four kinds of User click action that existed in the URL protection report which were namely: “Allowed” – Clicks allowed by system
  • “Blocked” – Clicks blocked by system
  • “Blocked and clicked through” – Blocked clicks where a user clicks through to the blocked URL.
  • “Clicked through during scan” – Clicks that where the user clicks through the pending scan page to the URL.

Clicks that where the user clicks through the pending scan page to the URL.

  • We will be introducing four new actions that will help Admins have better insights to the new actions that exist within their organization tenant. These new actions are:”Admin allowed” – Clicks allowed by the admin as part of the safe links policy
  • “Admin block” – Clicks that are blocked by the admin as part of the safe links policy
  • “Pending scan” – Clicks on URLs that are pending a scan verdict
  • “Admin blocked and click through” – Admin has blocked the link but the user clicked through

Admin has blocked the link but the user clicked through

2. URL protection report application view

Previously in the application view of the URL protection we had the following categories:

  • Email client
  • PowerPoint
  • Word
  • Excel
  • OneNote
  • Visio
  • Teams and Others.

URL protection report application view

With these new updates, we will be merging the PowerPoint, Word, Excel, OneNote, and Visio categories into one consolidated view and call it “Office”

What you need to do to prepare

To prepare for these changes please updates your reporting documents and Cmdlets (Get-SafeLinksAggregateReport and Get-SafeLinksDetailReport).

Learn more

Message ID: MC318994
Published: 27 January 2022
Updated: 24 May 2022

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.