It's free to end users, Harv, but if you take a monstrously long, one-at-a-time trip through Rapport's client list...the list of "Trusted Websites" in its pref pane, you'll see why IBM paid a gigabuck for Trusteer.
By the way, my bad for not noting that "
Warn when I submit security data to insecure sites", one of Rapport's "Security (
) Options" is set to "NEVER" by default.
Please be advised that the default status of the policy in question is automatically set to "Never". This has been decided by the organization or banking institutions through which you were offered the Trusteer Rapport software.
My response to the effect that I was not offered Rapport by any institution...that I learned about it only because of your OP, has not been addressed. (And unless I'm completely misunderstanding the pref, I've got no idea why anybody would want it set to "Never" by default.)