This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 59%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EM%3C/text%3E%3C/svg%3E)
Hi all,
is it possible to restrict access to a public website based on a risk level calculated by defender? Lets say that if a device has HIGH risk level, it will not be allowed to access particular web site....
PS: We use M365 E3 with M365 E5 Security addon.
Thank you.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
@michal, Thanks for posting in Q&A.
For the web site, if it is related with the cloud app in Conditional access, maybe we can create conditional access policy to block the access according to the risk score.
We can create a compliance policy and mark the device at or under the machine score as non-compliant:
Then you can create conditional access policy to require a compliant device to block the non-compliant device access to the cloud resource:
However, if the above information can not help, you can contact Microsoft Defender for Endpoint support in the following link to see if it can be done there:
Hope the above information can help.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi... thank you for links etc... will go through them later today...
Just a quick question - I'm aware of Conditional Access and using it to manage access to cloud / MS resources... However, can it be used also to restrict access to a web site? ...not related to MS?
@michal, Thanks for your reply. For your question, I am afraid the answer is no.
Just an idea - if you limit access to local M365 apps, users will do anything to fix it :)