Learn about zvelo’s unique hybrid approach to web content categorization and malicious detection. With over 20 years of experience and partnerships with some of the world’s leading anti-virus, MSSPs, and communications companies—zvelo’s next-generation approach achieves industry-leading coverage and accuracy for end users worldwide.
zveloDB™ is the market’s premium URL database and web classification service, providing best-in-class accuracy and coverage. The zveloDB supports nearly 500 topic-based, malicious, phishing, objectionable and sensitive categories, powering the world’s leading Web and DNS Filtering, Endpoint Security, Brand Safety, Contextual Targeting, Subscriber Analytics, and other applications.
In a previous blog, we explored the important differences between base domains and full path URLs. In this post, we wanted to take a step back and cover the basics—the individual structural elements of a URL (Uniform Resource Locator).
As more and more companies are pursuing “Data as a service” or “DaaS” business models, we wanted to share our experiences on the DaaS business model, with a specific focus on the challenges of Intellectual Property Rights (IPR) protections for DaaS data.
Over the past several years, there’s been a significant increase in mobile phishing attacks—particularly targeting enterprises. In this blog, we cover 9 tips and strategies to improve your security against mobile phishing attacks.
Over many years or testing, trial and error, zvelo ultimately determined that a human-machine “hybrid” approach to classification produced the best outcomes. The Human element provided the verifications necessary for the highest levels of accuracy, while machines (ie. AI/ML models and calculations) provided the scaling necessary to deal with the incredible volumes of new URLs and content being published at an increasing rate.
As discussed in a previous blog, DNS RPZ provides IT teams and network administrators with a “DNS configuration layer”, or rewrite module, to effectively handle DNS responses with the open source domain name system software, BIND.
First off, let’s make it clear that there is nothing inherently malicious about the act of cryptocurrency mining. Rather, over the past couple of years cybercriminals and bad actors have leveraged existing exploits and found unsecured hardware to implant Cryptocurrency Mining code and steal CPU/GPU cycles from computer owners and website visitors without their knowledge. These activities are what we refer to as “Malicious Cryptocurrency Mining”.
Since the release of BIND 9 in 2010, RPZ has proven a powerful technology for security and network management—allowing organizations to implement an additional DNS configuration layer. In fact, BIND is the most widely used Domain Name System software on the internet—making RPZ configuration options like integrating commercial feeds, blocklists, and URL databases like zveloDB™ all the more attractive. So let’s take a moment to revisit the advantages of RPZ.
Over the past decade, the use of “clickbait” ads has become the norm in order to entice viewers to click on the ad and drive traffic to a publisher. Web surfers have grown accustomed to seeing the same types of clickbait ads and sponsored stories like the ones shown below with sensational headlines about curing cancer, stopping aging, improving your sex life and more.
I was recently debugging a nasty issue in one of our backend services and needed to view the exact HTTP request & response being sent to an authentication server. Fortunately, Go’s standard library provides http.RoundTripper, httputil.DumpRequestOut & httputil.DumpResponse, which are great for dumping the exact out-bound request & the response. But since an authentication request contains credentials and a response contains a security token, it would have been insecure to record credentials & tokens in our logging systems. How could I securely exfiltrate the information I needed, while maintaining security and not requiring a whole lot of changes to my codebase or deployment environment?