Hello,
I have been asked by a customer if there is a document which thouroughly explains how 'Protect critical functions in web browsers (Safe browsing) works but cannot seem to find anything.
Does such a document exist?
Thanks,
Lee.
Hi Lee,
Thanks for reaching out to the Sophos Community Forum.
The way Intercept X enforces the scanning features available is by loading a mini-filter into each of the processes that start on your device. This allows the heuristics engine to see a complete view of the operations that are occurring on your device.
The Safe Browsing element also has context awareness of HTML and input fields to better monitor what is taking place in the browser.
Intercept X tries to use all of the information available on a device to make decisions on whether a detection should be raised or not. You can read more about the different attack methods Sophos can protect against in the following article.
- Exploits Explained
Let me know if this helps.
Quote