Dashboard
Risk Analysis
Backend Logic

Inspiration

The quality of threat analysis is directly tied to the quality of the input data. To enhance our analysis, we enrich raw data with details about open ports, web applications, CAPTCHA, and more.

How It Was Built

Our architecture was designed with scalability in mind, ensuring fast processing across multiple nodes. Solace's event broker efficiently distributes accounts to worker nodes, each performing specialized tasks. Once a task is complete, the node writes the results to the database and updates Solace. The entire system is containerized with Docker and deployable via Terraform for seamless scalability and flexibility.

Optimizing for Speed

We leveraged specialized APIs for their strengths while handling everything else in-house using FastAPI. This approach allowed us to distribute functions effectively via Solace, ensuring optimal performance.

Data Enrichment

Data enrichment combined our in-house tools with external APIs to deliver comprehensive results. Shodan provided fast insights on domains, ports, and IPs, while Ransomwatch and Ransomware.live helped identify potential breaches. Our FastAPI backend also analyzed web pages for login forms, routability, CAPTCHA, and other features, ensuring detailed data coverage.

Use of Terraform

Terraform made it easy to deploy and manage worker nodes alongside the Solace message broker. Its flexibility allowed us to quickly scale the system by modifying a single file, making it adaptable to changing workloads.

Use of Solace

Solace was integral to task distribution, ensuring efficient work division among worker nodes. Its queuing system enabled nodes to pick up new tasks as they became available, eliminating bottlenecks and maximizing throughput.

Use of groq

With groq, we leveraged LLama 3.3 and Whisper to provide an overall security score based on the analysis of the accounts. This includes warnings about compromised passwords or enabling two factor authentication as risk factors. groq also provides recommendations on how to resolve these issues. Using our chat feature, the user can get live information about its security.