Tyler Fornes explains why VMRay Analyzer is particularly valuable to MDRs because it contributes more evidence as he and his team put the pieces of the puzzle together for their clients, and provide them with the “full story of an intrusion or attacker activity”. He goes on to stress that VMRay Analyzer saves Expel a significant amount of time because setting up their own dynamic execution environment, including all of the various VMs and operating systems and software needed, would be very time consuming, not to mention fraught with the risk of “accidentally popping ourselves” when detonating malware on their own machines. Keeping up with the attackers is crucial and here VMRay Analyzer excels too, “being able to identify their TTPs like the network callbacks that they have, the files that they are dropping on to a host machine, or even possibly the files they are taking from a network” helps him get answers to his clients faster and “prevent the intrusion from getting to its goal.”