By: Julien Sobrier

Zulu: The Warrior Is Even Stronger Now

Analysis

We have analyzed close to 100,000 URLs since we launched Zulu in January 2012. Zulu provides real-time analysis of web content to determinate whether it is safe or malicious. Our goal is and always has been to make this free service easy to use and understand.

We have made significant improvements to Zulu at all levels - a more user-friendly web UI, deeper inspection, a faster back-end, improved checks, etc. Here's the low-down on all of the improvements that we've made to date.

Faster

The average time to analyze a URL is now under 5 seconds! That's right, it takes less than 5 seconds to lookup the domain, download the content, run more than 20 checks on the URL, DNS records and page content, followed by ranking the submission as benign, suspicious or malicious.

Clear Reporting

In order to make Zulu accessible to everyone, we've simplified the reports and made them more intuitive. Each check now includes a clear explanation, to detail exactly what is being analyzed. Hover your mouse over the name of each check to receive additional detail.

Each rule has a clear description detailing exactly what it looks for


Individual checks have different weightings and will of course deliver different results. The significance of each check on the overall score is now indicated by one of the following graphics: a green downward arrow indicates decreased risk, a blue dash shows no impact on overall risk and shaded upward arrows ranging from green to red and growing in size, represent the degree to which overall risk has been  increased.

risk: decreased, none, low, medium, high


External elements

In addition to scanning the URL that is sent to Zulu, we now scan up to 10 external elements that may be found in an HTML page including JavaScript, CSS, IFRAMEs, EMBED tags, links, etc. We try to choose the external elements that are the most likely to contain malicious content.

External elements found on a page

These 10 elements are scanned in parallel to the main URL, ensuring only a minimal impact on overall processing time. The final score reflects the risk associated with the main URL and each external link. You can click on each link to get the full report for the external element. This is a critical change to ensure that we're also catching even a single malicious link injected into an otherwise legitimate page.

Feedback

A number of these improvements came from the feedback we received. Please don't hesitate to send an e-mail to the Zulu team, or send feedback, positive or negative, for individual Zulu submissions.
"Send us feedback" link

Zulu is free and easy to use, give it a try.

Learn more about Zscaler.