VMRay & Anomali ThreatStream | Providing Context & Actionable Information for Security Teams

 

Security teams utilize a wide variety of threat intelligence sources feeding them indicators of compromise, but knowing an IP address or domain name is just the first step in preventing or responding to a threat. Enriching the context around indicators of compromise (IOCs) dramatically increases their value to analysts, and augmenting your threat research with advanced threat analysis services, such as sandboxing, provides critical details.

The VMRay – Anomali ThreatStream integration allows for seamless integration for the automatic distribution of IOCs. Security teams looking to operationalize threat intelligence will see immediate value from this easy-to-implement connector. See how easy it is to send a sample to VMRay for analysis, return the results back into ThreatStream automatically and visualize all the IOCs in a single pane of glass.

In this demonstration video, VMRay Solutions Engineer, Ben Abbot will showcase the integration between Anomali’s ThreatStream Platform and VMRay Analyzer. Ben will show how within ThreatStream, you can submit files and URLs to VMRay. After the analysis is complete you will see how to visualize the VMRay results within ThreatStream. Here analysts will have the ability to:

  • View screenshots taken during the dynamic analysis
  • Download the PCAP file
  • Export a PDF of the report
  • Create a new or add to an existing investigation
  • See hash details, behaviors observed, and network activity

Want to get hands-on with the VMRay Analyzer & Anomali Threat Stream integration? Request a trial today!