Of the targets of any given phishing campaign will click it.
Of breaches involved the use of stolen credentials
- Eliminate security silos and keep users safe. As a native component of the ML-Powered NGFW, URL Filtering provides best-in-class web security for campuses, branches, mobile users, or wherever they reside, eliminating hard-to-manage legacy solutions.
- Minimize operational expenditure. Deployed directly in your existing network traffic policy, URL Filtering functionality simplifies rule sets and streamlines administration for security teams.
- Block new malicious sites. URL Filtering categorizes and blocks never-before-seen malicious URLs in milliseconds before they have a chance to infect your network and end-users.
- Prevent known malicious websites. Safeguard your organization against known web-based threats, including phishing, malware, exploit kits, and command and control (C2).
- Safeguard against phishing. With the ability to stop credential phishing in real-time, layers of prevention protect your organization from known and brand-new phishing sites.
- Support regulatory compliance and acceptable use. Ensure your organization maintains compliance with internal, industry, and government regulatory policies.
Credential Phishing Prevention Protect user logins and passwords in real-time.
URL Filtering analyzes potential credential phishing pages, conclusively identifying them and preventing access through the “phishing” URL category. In an industry first, URL Filtering detects and prevents in-progress phishing attacks, preventing credential theft, by controlling sites to which users can submit corporate credentials based on the site’s URL category—all with zero false positives. This enables you to block users from submitting credentials to untrusted sites while still allowing them to submit credentials to corporate and sanctioned sites
Customizable Categories Tailor categories and policies to organizational needs.
Although URL Filtering utilizes a defined set of categories, different organizations may have different needs around risk tolerance, compliance, regulation, or acceptable use. To meet your organizational requirements and fine-tune security policies, your administrators can establish custom categories by combining multiple existing categories to create new ones. For example, combining the “high-risk,” “financial services,” and “newly-registered-domain” categories would create a powerful new category, enabling policy to be enacted upon any site that meets these criteria.
Analysis of Cached Results and Translation Site Filtering
Maintain tight control over common policy evasion tactics. URL Filtering policies can be enforced even when attacks use common evasion tactics, such as cached results and language translation sites. This is accomplished through:
- Search engine cached results prevention: URL Filtering policies are applied when end users attempt to view the cached results of web searches and internet archives.
- Translation site filtering: URL Filtering policies are applied to URLs that are entered into language translation websites (e.g., Google Translate) as a means of bypassing policies.
The URL Filtering subscription enables you to:
- Benefit from shared intelligence. Take advantage of best-in-class web security with easy-to-use application- and user-based policies, and tight integration with Threat Prevention and WildFire.
- Maintain total control over web traffic. Use URL categories to automatically trigger advanced security actions, such as selective TLS/SSL decryption for suspicious sites.
- Automate your security. The policy is applied to URL categories automatically, requiring no analyst intervention.
- Gain insight into user and URL activity. IT departments can get visibility into URL Filtering and related web activity through a set of predefined or fully customized URL Filtering reports.
* Beyond simply blocking malicious sites, URL categories can be used to enable fine-grained security policies to protect users without slowing down the business.