Patent attributes
System and methods for a cloud-based approach to breached website detection and notification as a security service are provided. According to one embodiment, a network security device protecting a private network of an enterprise, intercepts information associated with an interaction with a website by a browser of a client device associated with the private network. The network security device, based on the information, proactively determines whether the website or a domain with which the website is associated has been reported as having been breached by querying a cloud-based security service that actively maintains a list of breached websites. In response to the determining being affirmative, the network security device notifies the user regarding an occurrence of a security breach involving the domain or the website by issuing a replacement Hypertext Transfer Protocol (HTTP) response message to the browser.
