Zulu – Zscaler Malware Scanning Service

Posted: January 29, 2012 in Penteration Testing

Zulu+-+Zscaler+Malware+Scanning+Service

Zscaler has launched a new freE online service called Zulu that can assess the security risk associated with URLs by analyzing the content they point to, as well as the reputation of their corresponding domain names and IP addresses.
Zulu allows security savvy users who investigate various web attacks to choose what User-Agent and Referrer headers the scanner will use when accessing a URL. “A unique benefit of this approach is that we can deliver a risk score even when the page content is no longer available,” said Michael Sutton, vice president of security research at Zscaler. “While we can’t access the page, we can still assess the URL and host and when they deliver a high risk score despite a lack of page content, one can often conclude the page was indeed malicious but has since been taken down,” he explained.
Depending on the type of content a URL points to, Zulu can perform an antivirus scan using the VirusTotal multi-engine service, try to match a file’s MD5 hash in Zscaler’s database, search for known JavaScript obfuscation patterns and phishing heuristics, or use the company’s malware detection technologies.
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s