Hands-free features include simulated user interaction and automatic reboot. Analyzing through a reboot triggers persistent threats that show their full malicious behavior only after a reboot.
VMRay’s advanced threat analysis and detection solution is built on a common platform with a best-of-breed sandbox technology at its core.
Surmounting the persistent shortcomings of other DFIR tools, VMRay delivers rapid detection results and in-depth analysis reports without compromising performance or security.
VMRay flexibly integrates with other systems, automating the submission of files and URLs for analysis. Precise, actionable results are returned that drive block/allow decisions and other security measures across the enterprise.
The Future of Malware Sandboxing is Here | Introduction to VMRay
VMRay Platform Core Capabilities
Fully Automated Analysis
Automated IOC Extraction
VMRay automatically generates IOCs with every analysis. Going beyond what a traditional sandbox will do, we apply VMRay Threat Identifier (VTI) rules to flag and score artifacts, filtering out the noise and providing true, actionable IOCs.
VMRay detects a wide range of phishing techniques, including:
– credential harvesting
– drive-by downloads
– file sharing web apps
– HTML attachments
– Safelinks are normalized and analyzed.
MITRE ATT&CK Framework Mapping
The MITRE ATT&CK framework is mapped to VMRay Threat Identifiers (VTIs). This allows security teams to understand the scale and impact of an incident fast, leading to actionable mitigation measures.