Finjan SecureBrowsing review: Finjan SecureBrowsing
Newcomer Finjan SecureBrowsing does a great job of identifying sites with suspected malware content, but it misses phishing sites and those linking to sites that contain malicious exploits.
Robert Vamosi
Former Editor
As CNET's former resident security expert, Robert Vamosi has been interviewed on the BBC, CNN, MSNBC, and other outlets to share his knowledge about the latest online threats and to offer advice on personal and corporate security.
CNET editors pick the products and services we write about. When you buy through our links, we may get a commission.
Security vendor Finjan now offers a secure browsing extension for Firefox and Internet Explorer, named SecureBrowsing. The tool is similar to the free tool Linkscanner offered by Exploit Prevention Labs, with ties to antivirus protection. Like Linkscanner, the Finjan product overlays your search engine results page with various real-time safety ratings. Unlike McAfee SiteAdvisor Plus, which identifies phishing sites but not always malware sites, Finjan SecureBrowsing failed to catch any of the suspected phishing sites we tested.
The Good
The Bad
The Bottom Line
Download is quick. SecureBrowsing is an add-on for Internet Explorer and an extension for Firefox. It does require that you restart your browser after installation. Once restarted, the Finjan logo appears in the lower right-hand corner of your browser. Unlike SiteAdvisor, the Finjan icon does not change color to show the safety of a given site, nor are there many configuration choices.
Finjan SecureBrowsing identifies and ranks Web sites returned by search engines such as Google, Yahoo, and Microsoft Live; advertising systems such as Google AdSense; Webmail systems Gmail, Hotmail, and Yahoo; and popular destination sites like MySpace, Digg, Slashdot, and Blogger. Other domains are not scanned by SecureBrowsing at this time.
Because the Finjan safety scans are live--not drawn from some cataloged data one hour or even several days old--you can search Google for something odd, say, antique bottle collection sites, and know that Finjan's reports will be accurate. That's good, given that Web sites can be compromised with malicious content one day and clean the next.
To scan the Web sites, SecureBrowsing uses Finjan's patented behavior-based heuristic technology along with antivirus technology from Sophos and Kaspersky. By right-clicking on a rating, you can see why a site has been flagged either by category or by technical information. Most of the sites we found contained spyware, with an occasional virus or worm.
But Finjan SecureBrowsing consistently failed to identify the ordinary, nonexploit-related phishing sites we visited, which surprised us. Using 10 sites recently reported to a reputable, independent phish-tracking site, we found that the premium SiteAdvisor Plus identified and blocked access to all 10 sites, tied with the free Netcraft toolbar; next best antiphishing tools were Linkscanner Pro and Firefox 2, each identifying or blocking access to 7 suspected phishing sites; they were followed by Internet Explorer 7 with an abysmal 5, or half the sites visited. The free edition of McAfee SiteAdvisor gave us inconsistent results over the five days we tested it, so it was not ranked. But Finjan SecureBrowsing found none of the phishing sites, even those several hours old. And, unlike Linkscanner, Finjan SecureBrowsing missed a few sites with iframe links to exploit servers known to install back doors and Trojan horses.
Finjan SecureBrowsing includes a nominal, one page Help site. An online FAQ exists, however you need SecureBrowsing installed to view it. We could find no live technical support offered for this product.
In the future we'd like to see Finjan SecureBrowsing become a more all-around product, looking not only for malware online but also fraudulent (aka phishing) sites as well.