Whitelisting Microsoft Defender

Whitelisting is an important step in the process of sending out phishing simulations. It prevents the email from being stopped by your spam/anti-phishing filters and makes sure that the email reaches your users.

We have provided a step-to-step guide on how to whitelist before a phishing simulation in Microsoft Defender.

Download the guide for detailed instructions with screenshots for each step.

When the whitelisting is done, remember to let your dedicated Customer Succes Manager at CyberPilot know. Afterwards, we will send you a test email to ensure it gets through. If there are any problems or additional questions, write to us at: support@cyberpilot.io.

Whitelisting steps (Microsoft Defender)

Follow the steps below or use the guide to whitelist CyberPilot in Microsoft Defender. 

  1. Together with CyberPilot, decide on the sender's email address for the campaign
  2. Log in to your Microsoft 365 account and select Admin from the navigation pane.
  3. From the All admin centers page, click Security.
  4. In the Microsoft 365 Defender navigation pane, click the Policies & rules tab under Email collaboration.
  5. Select Threat policies.
  6. Select anti-spam policies
  7. Scroll down and click on: ​Edit allowed and blocked senders and domains
  8. Manage allowed sender - add the email address the phishing campaign will come from (see step 1)
  9. Click done
  10. Click save
  11. After the campaign is over - remember to remove the sender email address from Defender.

Got a question?

Contact us at support@cyberpilot.io