Every place I ever worked did exactly this. They use a protocol called WCCP which is essentially source routing, so if you're going to the internet on certain ports it routes you to a proxy server instead of whichever router it normally would.
Most companies big enough to do this already have their own internal CA installed on all the machines, for internal sites, so they use that same CA to sign the mitm cert. With so many sites using HSTS it can be annoying if you access a site while off the network.
As far as them knowing the content of a particular image they would need to have some kind of machine learning like this extension.
Most companies big enough to do this already have their own internal CA installed on all the machines, for internal sites, so they use that same CA to sign the mitm cert. With so many sites using HSTS it can be annoying if you access a site while off the network.
As far as them knowing the content of a particular image they would need to have some kind of machine learning like this extension.