Reputation - Risk

Web Protection leverages an advanced, self-learning network which continuously scans the internet using a highly sophisticated combination of global threat sensors and machine learning algorithms to calculate website reputations based on a large number of factors. More than 400 weighted variables are used including:

Website location



IP neighborhood

Website behavior and content

JavaScript content and characteristics



Executable file downloads


Domain/Category Age

Number of IP addresses for a site

Top Level Domain

Threat History

Past safety Record (history of infections in the last three or 12 month period)

Websites are scored between 1 and 100 across five tiers to help identify potential problem sites, the lower the score the greater the risk the website poses to users. As such the website reputation may be utilized to prevent attacks by limiting the end user’s risk of exposure to inappropriate or malicious web content.

Using Web Reputation

High Risk (1 20)*

Action: Anything in the High Risk Zone should be blocked.

Any website classified as High Risk should be treated as a No Go Area and blocked as the risk of infection is high.

Suspicious (21 40)

Action: Unless shown to be legitimate anything in the Suspicious Zone should be blocked.

Websites in the Suspicious Zone are generally relatively new and have never been reviewed. As the classification engine scans thousands of URLs per second any legitimate URL will generally have been scanned and rated so sites in this zone should be treated as suspicious.

Moderate Risk (41 60)

Action: Proceed with caution.

Websites in the Moderate Risk zone may present a risk as they were either infected in the past year or have exhibited some form of risky characteristic. As such they should only be visited by those who are knowledgeable in the subject area and who will not expose others to the risk of infection.

Low Risk (61 80)

Action: None

Websites in the Low Risk zone have exhibited few risky characteristics and have a low risk of infection; therefore they are classed as relatively safe.

Trustworthy (81 100)

Action: None

Websites in the Trustworthy zone are highly trusted sites which have exhibited little to no risk and therefore are safe to use.

* A previously infected website has a greater risk than one which has a clean record. When a website is found to be distributing malicious content it is immediately placed in the high-risk zone and will stay in this state until cleaned. Once cleaned its score will initially be lower than pre-infection as its infection history is taken into consideration and its original score is only restored over a period of time.