LukeCC

be careful whitelisting all sharepoint.com, it would be safer to whitelist only your own "customername".sharepoint.com cause there are a lot of phishing campaigns that run with compromised sharepoint.com link inside

in False-Positive , Office365 Sharepoint marked as Phishing in Content-Filter Comment by LukeCC May 2023

same at one of our customers that are using ATP800: they were not able to use their sharepoint 365 resources

in False-Positive , Office365 Sharepoint marked as Phishing in Content-Filter Comment by LukeCC May 2023

same here, ATP800 and 5-6 clients with this: Application.SystemInformer.2b5a37bd looking at the malware logs on the firewall and ip sources they allare public IPs associated to Level3 that usually is used as content delivery for microsoft updates or other updates. can you please confirm that?

in Anti-Malware False-positive or Real? Comment by LukeCC May 2023

LukeCC

Comments