Threatglass was built as a frontend for a large-scale, automated system that leverages heavyweight virtualization to detect web-based malware in a vulnerability and exploit-independent manner. The platform analyzes millions of websites each week.
Websites for inspection are sourced from multiple data feeds including the Alexa top 25,000 websites, social feeds and suspicious websites from Barracuda’s customer network, consisting of more than 150,000 organizations worldwide.
In addition to screen captures of the infections, Threatglass displays various representations of network traffic including DNS, HTTP, and netflow in both graphical and textual formats. The system has cataloged approximately 10,000 live web-based malware attacks and adds new ones each day.
- Casually browse website infections in an Pinterest-like graphical representation
- View charting and trending data of historical malware volumes
- Examine relationships between various components of an attacker ring.
- Share data among other researchers
- Review easily-parsed breakout data as well as source data
- Submit websites for inspection and analysis.