Security Company Zscalar launched Zulu web service allows to determine to risk posed by a website, we’ve much familiar service VirusTotal service that scans a URL and lets you know the report after analysis whether that website is clean or hosts malware and there other services like AVG Threatlabs available that provides detailed safety ratings for any domain, should we need another service? Zscalar threat labs says so?
“However, most projects such as these tend to focus on a specific threat or type of analysis. With Zulu, we sought to combine our own proprietary scanning techniques, with the great open source intel. that is available, to provide a broad view of the overall risk posed by virtually any web resource. We also look not just at a specific aspect of the resource, but instead, separately focus on determining risk for the content, URL and host separately, which is then combined into an overall risk score”
Zulu employs following approaches to generate overall risk score for user-inputted web resource
Content – Page content is scoured for the inclusion of potentially malicious code leveraging proprietary Zscaler algorithms, conducting heuristic tests and querying public sources.
URL – The requested URL is tested against known suspicious/malicious patterns, public black/white lists, as well as historic risk assessments for subdomains, domain TLDs, file types, etc.
Host – Historic reputations of the host IP address, Anonymous System Number (ASN) and geographic location are analyzed, along with suspicious behaviors displayed by the host in question.
Zulu gives risk score for the URL even when the page content is not available.
At the time of writing this article Zulu is getting ready.