Webroot site reputations seem dodgy

  • 13 August 2017
  • 1 reply
  • 114 views

We've started using the Webroot filtering extension, but I'm finding it difficult to trust the ratings. Although there's supposed to be a range of reputations possible, I never see anything but "Trustworthy Site" and "Suspicious site." 
 
I see "Suspicious site" on long-term, well-established sites that are completely trustworthy, and I see "Trustworthy site" on sites I know for a fact to be cesspools of phishing,  scamming and spamming. 
 
I've tried to avail myself of the option to request recategorization for a few sites I know to be safe and reliable,  but the only response I've ever received is basically "No, we're right, the site is untrustworthy"
 
I have three main concerns:
1. The addon cries wolf - we have tell users to disregard the dire warnings of probable infection or harm for certain sites. A warning that is usually wrong will end up being ignored when it actually is relevant.There seems to be little middle ground, almost all sites have either the maximum possible or minimum possible rankings.
2. Trustworthiness rating appears to rely too heavily on popularity and size, rather than on actual security, despite the descriptive texts to the contrary.
3. The procedure for updating reputation seems to be ineffective. 
 
 

1 reply

Userlevel 7
Greetings @, and welcome to our Community.
 
I reached out to our BrightCloud Team and got this response.
 
We see that you submitted Yahoo.com to the URL reputation queue twice. It was ignored both times since the reputation did not need to be changed based on BrightCloud criteria. As for the rest of comments, we here at the Web Analyst department are aware of the confusion some of our customers might get while using our product, however we can confirm that the present reputation algorithm is not likely to undergo any changes in the future and the reputation policy is going to stay unchanged for now.

Please, see below a response we use for inquiries about reputation 40 "Suspicious" for previously unclassified websites:

BrightCloud calculates a reputation score for all URLs that are queried or encountered by our backend systems which are composed of web and crawler services which operate continuously and classify millions of URLs every day.

For a web site that has previously never been classified by Brightcloud’s threat intelligence systems, the system automatically gives a reputation score of 40. A score of 40 is listed with a wording of “Suspicious”, but please note that this is not a malicious categorization, and Webroot SecureAnywhere will not block users visiting the site by default, the wording is only a heads-up alert to inform users that BrightCloud has yet to classify the site and thus to be attentive when visiting these sites at this time.

Many low scoring, uncategorized websites may over time receive an automatic increase in reputation score based on their popularity within the BrightCloud and Webroot user bases and also the wider internet community as a whole. As we hope you can imagine, with billions of websites scattered across the internet, and with millions of URLs created and removed every day, it is not possible for us to have a categorization and reputation score for each and every one, even with the incredible scaling and accuracy of machine learning. This is where we rely on users like yourself to kindly guide our Web Analyst team and automatic systems in the direction of websites you have far more personal knowledge of than us, allowing even websites with a lower number of daily visitors to receive a higher score as quickly as possible.

Reply