Prioritizing security risk categorization

By default, when a site belongs to a Security Risk category, Filtering Service applies an action based on the site’s Security Risk classification, even when the site:

Is added as a recategorized URL in a permitted category
Appears in a limited access filter

Note: Although the Extended Protection categories are default members of the Security Risk class, because they group sites that are still being analyzed, they receive lower prioritization than other categories. As a result, custom categorization always takes precedence over Extended Protection categorization.

When Filtering Service or the hybrid service assigns a site to a Security Risk class category (based on Forcepoint URL Database category or Content Gateway analysis):

If a category filter is in effect, and the security-related category is blocked, the site is blocked.
If a limited access filter is in effect, the site is blocked.

Configure which categories are part of the Security Risk class on the Web > Settings > General > Risk Classes page in the Forcepoint Security Manager.