MACHINE LEARNING VS.THREAT FEEDS
Our solution doesn’t just rely on a list of threat feeds, we are powered by machine learning. F-Secure uses just threat feeds, and they don’t have any imagery-based phishing detection.
This gives our users zero-day threat protection so they’re protected even if a threat has never been seen before. In fact, we block new threats before other major threat feeds. What this really means is that if you visit a malicious site that isn’t a part of our database of deceptive threats, you’re still covered. Our system will scan the website before allowing the page to resolve, and block the domain if it’s found to be a threat.
F-Secure does use AI, but it is limited and doesn’t scan the page. Their AI works on the backend, allowing them to add new threats from external sources to their database of threats. Then, when someone makes a DNS query, it checks against the database.
F-secure has a database that is dynamically added to, but DNSFilter’s database uses the real-time web classification that happens each time a user visits a page. Any new threats we find as we scan user sites are automatically added to our database. Our users don't need to tell us about new threats, we already know. Whereas F-Secure doesn't have this capability. Their users need to manually update block lists or contact the company, which causes delays and frustration for end users.
F-Secure’s domain database relies on a free service called Quad9. They’ve created their domain database by ingesting a variety of threat lists. What Quad9 doesn’t do when importing these lists is check the validity of these domains.
Our domain database is carefully maintained. Each threat feed that is added to the database is examined to make sure that well-known, safe websites are not found on a block list. Monthly reviews of our domain database are also performed, looking for false positives that may have cropped up. Preserving domain database health is important to make sure that users don’t run into erroneously blocked websites.