The Future of Malware Sandboxing is Here | Introduction to VMRay

VMRay Platform Core Capabilities

  • Fully Automated Analysis

    Hands-free features include simulated user interaction and automatic reboot. Continuing the analysis through a reboot triggers persistent threats that show their full malicious behavior only after a reboot.

  • Automated IOC Extraction

    VMRay automatically generates IOCs with every analysis. Going beyond what a traditional sandbox will do, we apply VMRay Threat Identifier (VTI) rules to flag and score artifacts, filtering out the noise and providing true, actionable IOCs.

Phishing Detection

VMRay detects a wide range of phishing techniques, including:

  • credential harvesting
  • drive-by downloads
  • file sharing web apps
  • HTML attachments

Safelinks are normalized and analyzed.

MITRE ATT&CK Framework Mapping

The MITRE ATT&CK framework is mapped to VMRay Threat Identifiers (VTIs). This allows security teams to understand the scale and impact of an incident fast, leading to actionable mitigation measures.