Use browser protection to block recently registered domains

natenova · 2022-03-16T18:09:13+00:00

There was an error rendering this rich post.

Hello,

Is there the possibility, or will there be the possibilty, to add a setting to browser protection that blocks domains registered within ____ number of days or weeks? This would help to block sites being spun up for the purpose of delivering malware/ransomware. Hopefully.

Find more posts tagged with

Browser Extension

Accepted answers

All comments

MikaArasola

We have some analysts investigating the possibility to create a new category around "possible emerging threats" which would consider the age of domain registration as one attribute. Others would be around how common it is, and if it is hosted somewhere with a history of risky sites (either spreading malware or hosting phishing sites).

It will likely take some time to be properly implemented, and in a corporate environment it might also require a company to whitelist their own internal domains (assuming they are rare from a global point of view) so that they don't get flagged.

natenova

Hello,

Unfortunately the unknown doesn't pan out. I turned it on for about 5 minutes and some sites people have used for ages stopped being accessible. This feature enhancement isn't super urgent, but is a request from above so thought I would submit in case it is feasible.

JamesC

Hi,

Our product team believes that this may be a good idea. The question is how we populate this info into our databases. We have ‘unknown’ category, for instance. And it can be already configured to be blocked now - would that be ok for you ?

JamesC

Hi, I am checking with the product team and will get back to you about this.