Cyren on Ru Campbell MVP https://campbell.scot/tags/cyren/ Recent content in Cyren on Ru Campbell MVP Hugo en-gb Sat, 04 Jul 2020 14:15:32 +0000 Microsoft Defender for Endpoint Web Content Filtering - Migrate Rules from Existing Security Software https://campbell.scot/microsoft-defender-atp-web-content-filtering-migrate-rules-from-existing-security-software/ Sat, 04 Jul 2020 14:15:32 +0000 https://campbell.scot/microsoft-defender-atp-web-content-filtering-migrate-rules-from-existing-security-software/ <p>In my <a href="https://campbell.scot/microsoft-defender-atp-web-content-filtering-administration-limitations-and-user-experience/">last blog</a>, I wrote about web content filtering in MDATP and how it now allows you to block website categories on the client across all apps.  Category blockers are great because, with one easy checkbox, you ban hundreds of thousands of dangerous on inappropriate websites.  Nothing is perfect, though, and anyone who&rsquo;s ever worked a helpdesk or SOC will attest that false positives and false negatives are common.</p> <p>The engine for MDATP web content filtering is <a href="https://www.cyren.com/">Cyren</a>, and you can check if a website is caught by its category rules using their online <a href="https://www.cyren.com/security-center/url-category-check">category check tool</a>.  This takes a bit of time, as each check is subject to a <a href="https://developers.google.com/recaptcha/docs/v3">Google reCAPTCHA test</a>.  If you&rsquo;re migrating anything of scale to MDATP, you don&rsquo;t have the time to do this, and also do not want to risk important websites later being swept up by category rules even if they are fine for now.  When you allowed or blocked websites on your existing solution, it&rsquo;s assumed you&rsquo;ve done the due diligence, and you want to take the remediation you&rsquo;ve applied against those (potential) false positives and false negatives with you.</p> Microsoft Defender for Endpoint Web Content Filtering - Administration, Limitations, and User Experience https://campbell.scot/microsoft-defender-atp-web-content-filtering-administration-limitations-and-user-experience/ Sun, 28 Jun 2020 16:37:29 +0000 https://campbell.scot/microsoft-defender-atp-web-content-filtering-administration-limitations-and-user-experience/ <p>Historically, one of the big features missing &ldquo;out of the box&rdquo; with MDATP was web content filtering.  Customers typically look at MDATP as an option when their existing endpoint security is due for license renewal, and compare their existing solution against it.  They would be moving from one of the big security vendors such as Sophos, Norton, and McAfee, which all supported web content filtering.  Higher lever stakeholders often listed the ability to block websites as essential, and as Microsoft did not maintain such a categorisation database, if you wanted it with Defender ATP, you&rsquo;d be looking at other solutions too.  This took away from Defender ATP&rsquo;s &ldquo;single pane of glass&rdquo; selling point.</p>