Comodo Internet Security Essentials protects you from internet man-in-the-middle attacks by warning you if a web site uses an untrusted SSL certificate.

This additional layer of security is especially important during online banking or shopping sessions, or if you are accessing the internet from a coffee shop, park or airport.

What is a man-in-the-middle attack?

Man-in-the-middle attacks occur when an attacker forces a client to connect to a server other than the one that the client intended to connect.

By injecting a fake root certificate into the Windows certificate store, malicious actors can often fool browsers into trusting a connection to a server operated by an attacker. This is known as certificate root poisoning and is the most commonly used technique for launching man-in-the-middle attacks. If successful, all data sent from your browser would be routed through the attacker’s server. The diagram on the right shows a typical man-in-the-middle attack:

How does Comodo Internet Security Essentials protect you from a man-in-the-middle attack?

CISE blocks man-in-the-middle attacks attempts by verifying all certificates used for secure connections against Comodo's trusted root certificate list.

When you load a web-page, Comodo Internet Security Essentials checks the certificate used by the site is signed by a root in our verified list of root certificates. You will be alerted if the site is using a potentially fraudulent certificate.

You also have the option to add certificate to the whitelist, and this root