What we do

VMRay delivers advanced threat analysis and detection that combines a unique agentless hypervisor-based network sandbox with a real-time reputation engine. The combination provides both fast, high volume file classification and deep malware analysis. The VMRay Analyzer is platform independent and highly scalable, the result of a decade of R&D by some of the world’s leading experts on dynamic malware analysis. By monitoring at the hypervisor level, it is undetectable by malware running in the target operating system. VMRay serves leading enterprises around the world.

Who we are

VMRay was founded by Carsten Willems and Ralf Hund. Prior to VMRay, they collaborated for years in several academic projects, such as the dynamic behavior analysis of malware, clustering and classification of malicious code, vulnerability research of Windows systems, and reversing/breaking the encryption of contemporary satellite phones. After each receiving their Ph.D., they founded VMRay to transform their deep expertise in malware research into useful ways to make the on-line world a safer place.




Carsten is the original developer of CWSandbox, a commercial malware analysis suite that was later renamed to GFI Sandbox, and now Threat Analyzer by ThreatTrack Security. He is a pioneer in creating commercial software for dynamic malware analysis, and is one of the experts in this field worldwide. He achieved his Ph.D. in computer science / IT-security at the Ruhr-University of Bochum in 2013 and has more than 15 years of experience in malware research and software design. He already founded several companies, assisted many companies in IT-security related operations and regularly gives presentations at academic and industry conferences.


Ralf achieved his Ph.D. in computer science / IT-security at the Ruhr-University of Bochum in 2013. During his studies he focused on new analysis methods for software binaries, with a strong focus on malware. His findings were published and presented at many leading academic IT security conferences and received several awards for outstanding work. He also contributed to the popular academic malware analyzer Anubis during the course of his research. He has experience in malware research and software development for more than 10 years and is an active speaker at various academic and industrial conferences. His special interests lie in virtualization techniques and its application to software analysis.



Chad has been involved in enterprise security for over 20 years. Prior to VMRay he managed technology alliances at RSA, the security division of EMC. He came on board RSA via their acquisition of Silicium Security and Silicium ‘s ECAT ETDR (Endpoint Threat Detection and Response) technology where he ran sales and marketing. Prior to Silicium he ran Sunbelt Software’s Advanced Technology Group (ATG), bringing to market the CWSandbox malware analyzer and Sunbelt’s ThreatTrack threat intel feeds. Sunbelt was acquired by GFI, and is now ThreatTrack Security.

Advisory Board

The management is assisted by an independent, international advisory board that consists of experts from different fields, such as business development, strategic partnerships, malware research, and global IT-security market.

Alex Eckelberry

Alex is a leading industry expert on security issues and is currently an independent advisor and board member to a broad range of companies. Most recently, he was president of the security business unit of GFI Software, subsequent to GFI’s acquisition of security innovator Sunbelt Software. Previously, he was the CEO of Sunbelt Software for over eight years, where he transformed the company into one of industry’s leading security providers for both business and homes. He has over 25 years of experience in technology and related areas, having worked for Borland International, Quarterdeck Corporation, Mijenix Software and Kroll Ontrack. Alex also spent several years working in private equity at Bulldog Capital Management (now part of Monitor), where he invested in a wide range of technology companies. He has written and spoken extensively on the subject of security, personal protection and trends in malware and has been publicly recognized by Google for contributions to Google’s security and product safety. His community involvement includes co-founding Phishing Incidence and Response Termination (PIRT) and the Julie Group, which seeks fairness in the intersection of technology and law.

Mike Rogers

Mike is a Strategy, Corporate and Business Development expert with a 25+ year background in Banking, Digital Media and Cybersecurity. Mike is a veteran consultant to early stage companies, having formed and built two management consulting practices in Silicon Valley, after successful Executive Strategy, Corporate and Business Development roles at OpenTV, Cyberguard, Secure Computing, and Lumension Security. Mike has a BA in Economics from the University of Michigan, and an MBA in International Finance from Thunderbird.

Dr. Rolf-Christian Wentz

Rolf-Christian is a business angel and consultant/coach. He has investments in various start-ups, including in software. He is also a lecturer in innovation management at the RWTH University Aachen and at the University of Hamburg, Germany, and is a member of the board of Zooplus AG, the European e-commerce market leader in pet supplies. Before his current activities, Rolf-Christian worked as a manager for Procter & Gamble, SC Johnson and Campbell Soup for 26 years. After being finance director and then marketing director at P&G, over the last eight years of his managerial career he was the managing director responsible for the Central European and the German business unit, respectively, of the latter two companies. Rolf-Christian has a Ph.D. in business administration from the University of Cologne, Germany. He is author of “The Innovation Machine: How the world’s best companies manage innovation.”

Willi Mannheims

Willi is the managing partner at eCapital. With 25 years of experience in venture and private equity, Willi has lead 4 successful IPOs while serving in leadership positions at several small and medium sized technological growth companies including: Daimler Chrysler (Business Development & Strategic Planning), Cubis AG (Head of Business Development); Secunet AG (Founder & CEO); escrypt GmbH (CEO), Eracom AG (CEO), and ISITS AG (CEO). Willi received his MBA from the Henley Management College UK and Graduate degree as an aerospace engineer from RWTH Aachen.