Sophos XG Web Filter - Regex Filtering Request

Hi I have a customer that was almost successfully phished due to heavy domain squatting that tricked the user into thinking it was a company owned domain.Seemed to be one of those trying to trick users into entering credentials and then harvesting those credentials for vpn or mail access.

As is usual the XG threw the web request into the Information Technology (UGGGGH) category  and allowed it through.Luckily user suspected something was amiss and called IT to investigate as page looked a bit naff.We are busy with the customer at present effectively blocking/decommissioning the Information Technology category and whitelisting things we require to function correctly that the customer needs inside the category.

Can we please get Regex Filtering parsing going for Web Categories or worst case URL groups ?

Have done this successfully on other platforms and whilst painful to initially go through to get all known good trusted domains working it makes company impersonating phishing urls really difficult to succeed on users browser.

Edited TAGs
[edited by: emmosophos at 11:18 PM (GMT -7) on 16 Sep 2021]
Parents Reply Children