What type of attacks Kaspersky's HTTPs Scanning can detect?
- Thread starter Azazel
- Start date
Please provide comments and solutions that are helpful to the author of this topic.
I don't think it is able to detect SQL injection. In most cases, SQL injection is an attack on the server
The HTTPS scan seems to be designed to detect "server to client" attacks but not all attacks of the HTTP protocol, such as malicious URLs, phishing pages, malicious JavaScript, and malware.
Actually, "HTTPS scanning" and "web scanning" almost detect the same types of attacks.
Due to TLS, the HTTPS traffic is encrypted; therefore, security apps (not only Kaspersky) have to proxy HTTPS traffic to inspect content. This is why it is referred to as "HTTPS scanning".
The HTTPS scan seems to be designed to detect "server to client" attacks but not all attacks of the HTTP protocol, such as malicious URLs, phishing pages, malicious JavaScript, and malware.
Actually, "HTTPS scanning" and "web scanning" almost detect the same types of attacks.
Due to TLS, the HTTPS traffic is encrypted; therefore, security apps (not only Kaspersky) have to proxy HTTPS traffic to inspect content. This is why it is referred to as "HTTPS scanning".
Similar threads
