Special categories

The Forcepoint URL Database contains special categories to help you manage specific types of Internet usage.

  • The Special Events category is used to classify bandwidth-oriented content related to hot topics to help you manage event-related surges in Internet traffic. For example, the video pages offering live stream of the World Cup might generally appear in the Internet Radio and TV category, but be moved to the Special Events category during the World Cup Finals.

    Updates to the Special Events category are added to the Forcepoint URL Database during scheduled downloads. Sites are added to this category for a short period of time, after which they are either moved to another category or deleted from the Forcepoint URL Database.

  • The Security category focuses on Internet sites containing malicious code, which can bypass virus-detection software programs.
    • Advanced Malware Command and Control (Forcepoint Web Security only)
    • Advanced Malware Payloads (Forcepoint Web Security only)
    • Bot Networks
    • Compromised Websites
    • Custom-Encrypted Uploads (Forcepoint Web Security only)
    • Files Containing Passwords (Forcepoint Web Security only)
    • Keyloggers
    • Malicious Embedded iFrame
    • Malicious Embedded Link
    • Malicious Websites
    • Mobile Malware
    • Phishing and Other Frauds
    • Potentially Exploited Documents (Forcepoint Web Security only)
    • Potentially Unwanted Software
    • Spyware
    • Suspicious Embedded Link
  • The Productivity category focuses on preventing time-wasting behavior.
    • Advertisements
    • Application and Software Download
    • Instant Messaging
    • Message Boards and Forums
    • Online Brokerage and Trading
    • Pay-to-Surf
  • The Bandwidth category focuses on saving network bandwidth.
    • Educational Video
    • Entertainment Video
    • Internet Radio and TV
    • Internet Telephony
    • Peer-to-Peer File Sharing
    • Personal Network Storage and Backup
    • Streaming Media
    • Surveillance
    • Viral Video
  • The Extended Protection category focuses on potentially malicious websites.
    • Dynamic DNS includes sites that mask their identity using Dynamic DNS services, often associated with advanced persistent threats.
    • Elevated Exposure contains sites that camouflage their true nature or identity, or that include elements suggesting latent malign intent.
    • Emerging Exploits holds sites found to be hosting known and potential exploit code.
    • Newly Registered Websites
    • Suspicious Content includes sites likely to contain little or no useful content.

The Extended Protection group filters potentially malicious websites based on reputation. Site reputation is based on early signs of potential malicious activity. An attacker might target a URL containing a common misspelling, for example, or otherwise similar to a legitimate URL. Such a site could be used to distribute malware to users before traditional filters can be updated to reflect these sites as malicious.

When Security Labs researchers detect that a site includes a potential threat, the site is added to the Extended Protection category until researchers are 100% confident of the site’s final categorization.