- Mar 16, 2019
- 3,880
I think it's not fully necessary but an additional layer of protection as it helps scanning the whole content of the webpage. So in case thinks like a modified malicious javascript of a page that collects your credentials and upload it to their server and etc other type of threats may only be detected if the antivirus was MITMing/scanning HTTPS content. But it does cost the user with a slight delay in page loading and maybe other vulnerabilities too if not properly implemented.I guess I understand the HTTPS scanning, but is it necessary if a basic web filter blocks most known malicious pages? Kaspersky is tops at adding bad pages, but is that because their filter detected them and reports home?
Like blackice said above, one is ip/host based detection and another is decrypting the HTTPS content and scan it. All paid AVs already does the first one but some also do the latter.Please explain the difference between HTTPS scanning and basic web filter. I suppose I don't have the answer myself.