VMRay & ThreatQuotient Connector

Create Threat Intel you can trust - with ThreatQuotient & VMRay Analyzer

VMRay Platform flexibly integrates with ThreatQ, automating the submission of files and URLs for analysis. Precise and actionable results are returned back that drive TI enrichment, block/allow decisions, threat hunting workflows and other security measures across the whole enterprise fleet. The Integration is available in two parts : VMRay TI Extraction and VMRay Operation.

Threatquotient - VMRay Connector

VMRay Operation Executive Summary

Connector Name: VMRay Operation

Connector Version: 1.0.0

Works with VMRay Platform Versions: 4.0, 4.1, 4.2

Owner of Connector: ThreatQ

ThreatQ Partner Page: VMRay Operation ThreatQ Marketplace Page

Primary Category: TIP

VMRay Operation Connection Capabilities

Connects Into Analyzer: Yes – The VMRay Operation is used to submit URLs, FQDNs and File Objects to VMRay Platform for analysis and retrieve reports in PDF format. File and URL analysis results including Verdicts, IOCs, VTIs, and YARA rule matches; malicious file hashes into ThreatQ (Threat Intel)

Use Cases: Enhanced Threat Intelligence, IOC Mining, Secure Detonation, Binary Evaluation

VMRay TI Extraction Executive Summary

Connector Name: VMRay TI Extraction

Connector Version: 1.0.1

Works with VMRay Platform Versions: 4.0, 4.1, 4.2

Owner of Connector: ThreatQ

ThreatQ Partner Page: VMRay TI Extraction ThreatQ Marketplace Page

Categories: TIP

VMRay TI Extraction Connection Capabilities

Connects Out of Analyzer: Yes – The VMRay TI Extraction ingests threat intelligence data that has been submitted to VMRay Platform via the “VMRay Operation”. VMRay Platform returns Indicators of type URL, MD5, SHA-1, SHA-256, Fuzzy Hash, IPv4 Address, Registry Key, Filename, FQDN and Malware Objects, Attack Patterns and uses basic HTTP authentication based on API key

Use Cases: Enhanced Threat Intelligence, IOC Mining, Detonation, Threat Hunting

Autonomous Response to critical malware alerts

VMRay + Palo Alto Networks       JOINT WEBINAR