VMRay’s malware alert triage enriches SOAR incident data with accurate, collated reporting and increased operational threat intelligence. Prioritized IOCs and malware artifacts identified by VMRay assist in threat hunting, detection engineering, and other threat mitigation tasks.
By automating malware alert triage, VMRay provides a definitive verdict that lets SOAR alerts be blacklisted or whitelisted automatically and accurately, separating true positives from false positives so that legitimate threats are identified.
Integrated as part of a SOAR Malware playbook, actions such as remediation, quarantining, or forensic snapshots can be automated – based on a definitive verdict from VMRay – ensuring legitimate end-user activity does not impact business productivity.