Detection Models Overview

We detect all kinds of threats, from drive-by downloads to zero-day phishing sites.

Creating a Network of Trust

We use browser history and trust on first use to establish a list of safe websites. We then use threat intelligence lists to keep track of known malicious content. Together, these lists form the first layer of detection for determining trusted sites.

Dynamically Identifying Malicious Sites

When encountering a new site, Airlock uses sub-resource integrity verification to make sure that any fetched resources have not been manipulated. Real-time visual AI then determines if the site is malicious—even if it has never been seen before—to protect against zero-day attacks. As time goes on and the user network grows, our visual AI improves its accuracy.

Protecting the Community

When Airlock’s visual AI determines that a site is malicious, it automatically updates historical and aggregate data over a global network of sensors. This in turn flags the site for other Airlock extension users, even if they’ve never encountered the site before. The Airlock community is constantly exchanging threat information to spread immunity against future attacks.

Browser & Website Protection

Airlock detects “third party” domains that embed images, scripts, downloads and advertising in the pages you visit. We look for malicious code in these resources such as clickjacking, drive-by downloads and resource theft. If Airlock observes a single third party with malicious code, we automatically sandbox the page and render it read-only, rendering the threat harmless.

See how Apozy provides instant security for GSuite users.

Deploy in less than a minute

Join our global network of forward-thinking companies to protect your employees, customers and brand.