VMRay. 3rd Generation Threat Analysis & Detection.
Our agentless hypervisor-based malware analysis – 3rd Generation Threat Detection – delivers a fast and powerful defense in a rapidly evolving threat landscape.
See you at BlackHat Las Vegas – August 3/4.
Our co-founder Ralf Hund will be presenting on The Beast Within: Evading dynamic malware analysis using Microsoft COM at 3:50PM on Thursday August 4th.
Word macro uses WMI to detect VM environments
We recently came across an interesting malicious Word document that used an embedded Word macro to detect whether or not it was being opened inside a VM. If no VM was detected, the macro proceeded to attempt to download a payload (executable) to infect the machine. Let’s take a look at our analysis and how VMRay’s Function […]
Custom Threat Scoring with VTI
A deep dive into automated, customizable threat scoring. In this second blog post about what’s new in V 1.10 we drill down into our VMRay Threat Identifier (VTI) engine and its threat scoring. It automatically identifies and flags malicious behavior using VTI rules, generating an overall severity score of malicious behavior. The VTI engine has […]
PowerShell Ransomware – a PowerWare Deep Dive
Malware authors are always looking for an edge to evade detection and extend the useful life of their creations. In the constant cat-and-mouse game between malware authors and security vendors, malware authors must constantly revise and reinvent their product. They will consider anything they can do to avoid detection. Along these lines, Microsoft PowerShell has […]
“Dell SonicWALL Capture Advanced Threat Protection Service incorporates the VMRay third-generation Analyzer threat detection analysis engine, supporting Dell Security’s ability to deliver a first-to-market, adaptive, multi-engine sandboxing approach that enhances organizations’ ability to safeguard against today’s shape-shifting cyber threats.”
Patrick Sweeney, vice president, Product Management and Marketing, Dell Security
“VMRay has become one of the most important tools for our security team. We use it to analyze malware and also for system level hardening against common malware. We significantly reduced the time and effort needed for malware analysis.”
Adem Sen – CSIRT Lead – DB Systel GmbH (Deutsche Bahn)
“VMRay Analyzer is able to rapidly analyze zero day threats, targeted attacks, 64-bit rootkits and malware that evades existing virtual machine detonation technologies in the market today.”
Dmitri Alperovitch, Co-Founder and CTO of CrowdStrike
“Confer’s customers are targeted by some of the most evasive and advanced malware around. When analyzing a new threat, our team uses VMRay Analyzer to provide deep analysis and insights that surpass what we’ve seen from other sandboxing technologies. Like Confer, VMRay strikes a nice balance between being intuitive and easy-to-use while providing a powerful, rich, feature-set.”
Paul Drapeau, Principal Security Researcher, Confer
“We wanted a solution that could scale and was easy to configure, manage and update for different types of malware. VMRay Analyzer was much easier to manage. It captured behavioural information to the depth and breadth that we needed. It was user-friendly, easy for our team to get up and running quickly. It captures a richer set of information than many other sandbox solutions and was easy for us to build upon.”
Large Enterprise Security Vendor