Is the BrowsingProtection able to protect from threats at websites, even if the sites use HTTPS?

Hello.

Now, I am having some questions about protecting from threat on the web.

 

 

1.
Have the websites which were added as exception sites on Browsing protection been scanned by F-Secure when access the sites by browsers?
Is F-Secure able to detect malwares at websites even if added to the list of exception websites?

 

 

2.
The websites using HTTPS protocol (SSL connection) are scanned by F-Secure? I installed and enabled official F-Secure add-on and extension to my browsers.

 

 

3.
Malicious add-ons and extensions are detected as threat by F-Secure SAFE?
I head that some malicious add-ons and extensions are been detected at even the official stores of each browser vendors. I am worrying about it.

 

 

Please tell me about above questions. Thank you very much!

 

 

---
F-Secure SAFE 16.3:
DeepGuard is enabled.
I configured to enable at DeepGuard: Warn me about suspicious behaviour, application exploits, and making an Internet Connection.

My PC:
Windows10 Home

Comments

  • Ukko
    Ukko Posts: 3,611 Superuser

    Hello,

     

    Sorry for my reply.

    I just decided to create words based on my experience of using F-Secure and your ask;

     

    First:

    Spoiler

    I think that common situation there.. that Browsing Protection exception list based on web-rating/reputation feature.

    This work before the access to page.

    All other things under website (like drive-by or other) should be covered by another layers of protection (HIPS/real-time scanning).

     

    I think that if there under the page can be malicious resources (or scripts) based on certain excluded domain (which allowed).. so.. this is possible to "visit" this resource.

    But next "payload"-actions should be prevented by F-Secure (if downloaded?! malicious file known; or if there other things... which can be marked as known exploits).

     

     

     

    Second:

    Spoiler

    F-Secure do not really scanning the websites.

    But with enabled extensions (by F-Secure) there have proper support to work under/with HTTPS page.

    Such as... providing rating pictures under HTTPS search engines (Google, Yahoo, Bing and with turned ON this feature).

    And proper blocking HTTPS (malicious) pages. It will be visible for users and blocked more stable.

    Normal statistics(count) of visited pages (which can be visible under settings) and time-usage of web (as part of Parental control);

     

    (like F-Secure work with websites): This is commonly not based on (scanning) content, but based on "reputation/rating" data under F-Secure Security Cloud about certain websites (if should be blocked or can be suspicious by known rating);

     

     

     

    Third: 

    Spoiler

    This is based on certain situation;

    I think that most common design there... that malicious extension can be detected by signatures (other related "around" traditional scanning things);

    If this is known for F-Secure (as certain trouble) it will be blocked.

     

    I think that there can be a lot of different situations.. when malicious addon/extension can be detected by some of layers (or... will be detected malicious activities of addon/extension);

     

    Also can be situation.. that "malicious" (in fact) addon do not blocked/detected. Usually.. for time.. when this is not known for F-Secure. This is can be.. if extension/addon can to use "proper valid design" (but did malicious things)... or if malicious actions hidden by tricks.

     

     

     

    Sorry for my reply and not nice English.

    Maybe there anyway more helpful can be normal response by F-Secure team about some of this things.

  • kinokotakenoko
    kinokotakenoko Posts: 2 New Member

    Hello, Ukko.

    First, I want to tell you that thank you very much for your kind reply!

    I have read it and it was very useful for resolving my questions.

     

    I didn't know that F-Secure is able to detect malwares at even HTTPS websites.

    I had a question if F-Secure scans HTTPS-Connection and detect malwares at there.

     

    And, I reassured myself that F-Secure can scan extensions/add-ons on browsers.

     

    By the way, I have more question about your sentence that... "F-Secure do not really scanning the websites".

    Is it true? I heard F-secure is having behaviour-based scanning engine.

    Isn't the engine scan websites like other majour anti-malware solutions like Avast, Avira, and more?

     

    Finally I tell you that...

     

    Sorry for my reply and not nice English.

    ...Why? Your sentences are good. My sentence is not perfect as good Enlgish.
    I am not native speaker of English. Excuse meSmiley Very Happy

     

    Maybe there anyway more helpful can be normal response by F-Secure team about some of this things.

    ...I want to contact the support team, but I cannot contact them.
    I went to Support page at official site, but there were some support tools; Online-Chat, Community board, and Phone number...

    I tried to connect by online-chat, but it was not connecting in my PC (at least...)Woman Sad

     

    Did you know that how to get support by F-Secure Official Team in English or Japanese?

     

    Thank you!

     

     

     

     

     

  • Ukko
    Ukko Posts: 3,611 Superuser

    Hello,

     

    ---

    ""that F-Secure is able to detect malwares at even HTTPS websites.""

    ---

     

    Not totally like that... just because for privacy reasons... (I think and maybe based on certain settings under F-Secure installation) F-Secure do not want to decrypt your traffic. :)

    But with steps-before and with steps-after.... F-Secure have abilities to control situation.

     

    ---

    ""Is it true? I heard F-secure is having behaviour-based scanning engine.

    Isn't the engine scan websites like other majour anti-malware solutions like Avast, Avira, and more?""

    ---

     

    Sorry for next long reply! Smiley Sad

    Can be less words like: "F-Secure will provide all of this scanning-kinds".

    But probably I not able to call it as "scanning websites" (or content; but with meanings that content there is reason for rate it...  if malicious or suspicious, what/which content there);

    All other things based on system (like file-system scanning; mainly real-time scanning);

    And else two points: network traffic scanning (feature under Firewall-tab settings for F-Secure settings);

    And DeepGuard, which able to suspect that under browser (as application) can be exploiting by malicious try.

    More words (but maybe not more helpful) under the spoiler;

    Spoiler

    Probably yes. Because my words was "F-Secure do not really scanning the websites";

     

    Main point there is "websites" (webpages or other) during your experience with web by browser.

    Also just my opinion... that F-Secure usually have most of "features", which can be with other good security companies. Or related feature with another design;

    Not sure about other security companies... and how they work about this certain points, but just about F-Secure and this things:

     

    --> F-Secure have scanning engines (not one engine; four main engines and technologies around this - which practically also "engines"); Usually I think about this as "local" things and scanning (like scanning system, filesystem and related things; activities/actions under user system);

     

    --> F-Secure have ability to block malicious/harmful webpages. Blocking suspicious websites. And other online-based things (content blocker, parental control, banking protection);

    With F-Secure SAFE/F-Secure Internet Security this is based on "Browsing Protection" module;

     

    When you goes to certain page... F-Secure (before access to this page) checking if page known as malicious or suspicious (based on F-Secure Security Cloud and rating/reputation database); If all OK - you able to visit page (if there is not work restricted settings under your installation).

    If page is known malicious (or marked as harmful/suspicious-rated) you get blockpage with notification about this (can be situations.. when you do not get blockpage, but connection with page is blocked).

     

    So.. if website is safe-rated.. and you open this site... F-Secure do not  "scanning" this content (like HTML or certain source scripts) like analysis about safety status of page (or like re-scanning page for re-rate it).

    Such as... rating usually not based on user's steps and experience about usage page.

     

    But.. F-Secure will scan probably .js-files or other content, which downloaded (as temporary internet files or other things) to filesystem.

    So, if there is malicious files...  This will be blocked by known "URL" (if scripts based on malicious domains under valid website) or as real-time scanning under system. But this is should be "known" malicious things (for signatures-based scanning engine);

     

    Like when you try to download malicious executable file (which known). It will be blocked.

    Or before download-start. Or at first access to file-system (when basically... safe point) as block to next actions.

    Also based on point "if there HTTP or HTTPS";

     

    Maybe you MEAN THAT.... protection against exploits, web-exploits and online-based malware;

    F-Secure covered this things also.  Mainly by ... indeed HIPS.... and as part of DeepGuard design.

    I think that most common point there is "exploit protection". Because DeepGuard's feature protect all (or most) processes under system and browser's processes like one of main.

    If exploit-try will be detected by DeepGuard...  determinate and prompted for user.

    But not sure.. that this is also can be marked as "scanning websites".

    Because result of this scanning... do not provide something as rating/reputation for website (or access to website); But this is provide protection for system and against malicious tries (and do not matter from web or from local-launch).

     

    F-Secure Support as (ticket) for certain trouble can be there:

    https://www.f-secure.com/en/web/home_global/support/support-request

     

    Also under this community (if we based on my previous words)  time to time available to get response by F-Secure team. Maybe if you do ask it there (to re-understand things) and just because my words ... just my suggestions.. I think you really want to get proper response. :)

    So..  you able to some kind of "up" this topic  by re-ask about certain "not visible things". There can be F-Secure People as community people (or just direct developers).

  • Laksh
    Laksh Posts: 4,224 Former F-Secure Employee

    Hi kinokotakenoko and welcome to our Community!

     

    You can get in touch with the support team by calling them directly. Please find the contact number for Japanese/English support in here. They should be able to guide you with your questions.

     

    Alternatively, you can also get in touch with our English Chat support in here. The chat support timings as given in the website are from 6-16 (GMT) (Mon-Fri ). Could you please try again during these given timings?

This discussion has been closed.
Pricing & Product Info