Report Phishing and Other Malicious Sites and add to DefensX Global Blocklist
R
Ryan Kosowsky
Confirmed or user reported Phishing and other malicious sites should get added to a DefensX global blocklist and rather than going in as a standard "user request" go to a DefensX SOC team for further review
At the very least, if an admin confirms or reports a site as phishing or malicious, it gets escalated to the DefensX SOC team for further review to be recategorized as something malicious.
Log In
C
Cody Arnold
We handle this by adding any domains we don't like into the parent tenant allow/deny lists which are referenced in every child tenant we manage
This is everything from domains we find in phishing emails, to domains we see referenced in callouts in malicious scripts, or other threat intel we come across.
You always have the ability to generate a ticket with DefensX & supply any supporting information you have so they can change categorizations associated with a domain, I've done it before.
However, I do see value in an option that would via the DefensX UI allow you to report the domain to them for review, and potentially apply context to it so they're just not getting tossed a "hey go look at this" without understanding why someone said to look at it.