Add ability to see the reason for a domain's threat category
Ed
Is there a plan on having a drill down on why a domain is being reported as a Threat? Maybe a link to the reporting platform to see more information? 4 days is an eternity for a response to an upset client who's been flagged as malware. Please add this as a QOL feature. We're the ones being seen as blocking their site. Without a good explanation it's our "fault".
R
Ryan Poppa
Merged in a post:
More information about FQDNs that are blocked
Eric Nix
It would be nice if DNSFilter provided more detailed info about FQDNs that are blocked. For example, I would like the ability to click the domain name and have WHOIS information displayed. Something similar to what Cisco Talos or Brightcloud offers for security information would be ideal. I'm sure DNSFilter already has this information for internal use.
R
Ryan Poppa
Merged in a post:
Reason behind the malicious categorization for the admin portal
Greg Gelman
DNSFilter blocks websites based on categories like Malware, etc. When we go in for review of whether or not to keep a certain website blocked we end up finding false positives on occasion and submit for re-review by DNSFilter. It would be much more helpful if we didn't have to use other tools to verify DNSFilter's categorization of websites and could see similar reasoning/evidence of why it was categorized the way it was, and/or the reason for the block. I understand the reason for the block can be Malware or New Domain, but can there be a little more detail like what specifically was triggering Malware (was it a malicious DNS request the website made to external services, suspicious access to host metadata, etc.) or how new the domain is with the whois info?
if this already exists, I must have missed it.