Security News > 2020 > October > Microsoft shares list of URLs required by Microsoft Defender ATP
Microsoft has released a spreadsheet containing the full list of URLs that Microsoft Defender ATP must reach to function correctly.
When Microsoft Defender ATP is installed on endpoints, its sensor will detect malicious threats and behaviors and send them via HTTP to the Microsoft Defender ATP cloud service.
For Microsoft Defender ATP to properly send collected data to Microsoft's cloud-based services, there is ta list of URLs that must not be blocked.
"The following downloadable spreadsheet lists the services and their associated URLs that your network must be able to connect to. You should ensure that there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an allow rule specifically for them," Microsoft explained in a support document for Microsoft Defender ATP. Yesterday, Microsoft released an Excel spreadsheet containing 84 URL patterns required for Microsoft Defender ATP to function correctly.
If you use Microsoft Defender ATP in your organization, you must make sure your firewall or proxy server does not block these URLs or Microsoft Defender ATP will be unable to send sensor data to Microsoft.