Introduction: a Transformative Journey of Malware and Phishing Threats
In today’s highly regulated and data-sensitive environment, the Banking, Financial Services, and Insurance (BFSI) industry faces a unique set of security challenges. Protecting not only their own assets but also the sensitive data and financial resources of their customers is paramount.
In this success story, we explores how VMRay partnered with one of Europe’s largest BFSI organizations to enhance their cyber resilience through reliable and scalable threat analysis and a proactive security approach.
Customer Overview: a European Banking player
The Customer, a BFSI giant with over 50,000 employees, operates at the forefront of the European financial landscape. In an industry where data security and privacy are of utmost concern, the Customer relies on on-premises solutions as well as in-house created security tools to safeguard their assets and meet stringent regulatory requirements.
BFSI companies, known for their rigorous regulatory environment, prioritize the security of customer data and financial resources. VMRay’s approach of providing comprehensive features and capabilities for both on-premises and cloud deployments proved to be a significant differentiator.
The Journey Begins: In-depth analysis of challenging malware and phishing threats
Initially, the Customer engaged with VMRay to bolster their deep threat analysis capabilities. The VMRay platform became their primary sandbox for Incident Response, Forensics, Investigations, and Reverse Engineering. The value VMRay provided in these critical areas were clear: accurate and in-depth visibility into the threats, and clear reporting that benefited not only the expert analysts but also the rather less experienced ones.
“VMRay provided us with unparalleled accuracy, depth, and precision in understanding threats and responding to incidents in a timely manner. We use VMRay’s MITRE mapping to map to our detection capabilities and identify gaps in security posture.”
Advancing to Proactive Threat Hunting
As the partnership evolved, the Customer embraced more advanced use cases, including Proactive Threat Hunting. VMRay’s platform provided clear, actionable Indicators of Compromise (IOCs) that empowered the Customer to proactively hunt for threats. The IOCs and data about the threats were both accurate and relevant, as the VMRay Platform filters out the irrelevant artifacts and noise to provide a clear, actionable and easy-to-understand output.
This transition marked a shift towards building a proactive security approach, allowing the Customer to be ahead of emerging threats rather than reacting to existing ones.
The platform’s malware configuration extraction feature also played a vital role in this endeavor, enabling the Customer to follow the traces of malware families and mitigate threats effectively.
“With VMRay’s actionable IOCs, we’ve transformed our threat hunting from reactive to proactive, staying ahead of emerging threats.”
Security Automation: Where Speed Meets Quality
For the Customer, security automation was a key element of their strategy. They utilized a security orchestration tool, developed in-house, which served both as a Security Orchestration, Automation, and Response (SOAR) tool and a Threat Intelligence Platform (TIP). This tool orchestrated automated workflows, and stored IOC collections from analyzed samples to ensure preparedness against future attacks. VMRay’s actionable IOCs were instrumental in this process, as their precision and relevance enabled the Customer to trust the data and act swiftly.
“VMRay shatters the common belief that reliability and speed are mutually exclusive. We get both, and it’s a game-changer.”
With around 8,000 samples collected from various sources, including SEC email gateways, EDR, AV, and other security tools, the Customer required scalability and speed in their threat analysis. VMRay excelled in this aspect, offering deep yet rapid analysis. The platform’s ability to deliver both speed and quality became a distinct advantage for the Customer.
User-Reported Phishing: A New Horizon
Expanding their usage of the VMRay platform, the Customer ventured into user-reported phishing analysis. This marked yet another differentiator of the VMRay Platform. Beyond analyzing malicious samples, the platform employs its capabilities to analyzing emails, email attachments (even when password-protected), and URLs.
“The reliability and speed of VMRay’s analyses convinced us to expand into user-reported phishing, solidifying our trust in the platform.”
Future Plans and Acceptance of Cloud Deployment
Looking ahead, the Customer is eager to maximize their use of VMRay’s new portfolio. They value the platform’s in-depth analysis capabilities, which transcend mere malware classification. They seek the trifecta of speed, scale, and reliability in threat analysis. Additionally, the Customer plans to implement VMRay’s platform for Alert Enrichment, further enhancing their security operations and automation playbooks.
Privacy as a major decision-making factor in cybersecurity
Despite operating in a highly-regulated industry, the Customer is considering a move towards cloud deployment for various advantages of working on the cloud. However, this transition requires unwavering trust in data privacy. VMRay’s commitment to customer data privacy, ensuring it remains solely in the customers’ control even in a cloud-hosted environment, positions the company as a leader in this respect.
The Customer also emphasizes the importance of robust support during implementation, integrations, and connector setups. VMRay’s professional services, including onboarding, deployment support, automation integrations, and training, meet these critical needs.
“VMRay’s commitment to data privacy makes us confident about transitioning to cloud deployment, a significant advantage in our highly-regulated industry.”
Conclusion:
A Secure Digital Future with Peace of Mind
Digital transformation is the way forward. The BFSI companies need to develop and new digital products and services. In this highly-regulated and data-sensitive BFSI landscape, the Customer found a trusted companion in VMRay.
By delivering unparalleled accuracy, in-depth analysis, scalability, and speed, VMRay has empowered the Customer to bolster its security posture, develop a proactive and fact-based security, and embrace innovative security use cases. The Customer’s journey with VMRay is a testament to the platform’s reliability and effectiveness in securing critical industries.
Table of Contents
Depth & Precision
For the deep threat analysis purposes, the customer needed the accuracy, depth and precision that VMRay Platform offers to understand the threats and respond to incidents on time with reliability.
Proactive security &
SOC Maturity
They wanted to develop a proactive and fact-based security approach to have a complete understanding of the threat and improve detection capabilities, to have a stronger security posture when faced with the threat in the future.
Scale & Integrations
When applying advanced threat detection and analysis capabilities to security automation tools, the customer needed a combination of ultimate reliability with speed and scale.
Finding trust in a highly-regulated industry
To be able to consider cloud deployment options, the company needed to make sure that the privacy of their data and compliance with regulatory requirements are all covered.
