Augment your SOAR with VMRay Analyzer

Complete your SOAR Strategy with the Best

VMRay Analyzer provides the best Verdicts & the highest quality Threat Intelligence
to help you augment your SOAR with the best Advanced Threat Detection & Analysis Platform

Threats are increasing and qualified security personnel is becoming more difficult to get. Alert fatigue feels like alert exhaustion. Security Orchestration Automation and Response (SOAR) is absolutely essential but it relies on quality data as input. Your SOAR analysis will only be as accurate as the dating.

VMRay can help you maximize your SOAR performance with the best threat intelligence available.

VMRay Analyzer gives you the data you need with best-of-breed malware and phishing analysis.

Based on the most powerful sandbox on the planet, and numerous unique technologies that we keep building on that basis, it provides you with superior verdicts and intelligence to feed your security orchestration and automation systems.

How to improve SOAR ( Security Orchestration Automation and Response) performance by feeding the process with accurate and noise-free data as the most reliable threat intelligence and avoiding alert fatigue

Maximize the ROI of your SOAR Systems

Complete your cyber posture and maximize your SOAR investment by using VMRay Analyzer as its foundation:

  • feeding in verdicts and intelligence to drive automation,
  • helping coordinate orchestration,
  • and accelerating response speed and quality.



Better playbooks based on Accurate Verdicts

SOAR Playbooks are powerful tools for coordination but they rely on the accurate assessment of threats.

This is where VMRay Analyzer steps in, by providing high-level verdicts that are the starting point for the plays in your playbooks.

Bogged down by a barrage of threats: Automation is now essential

With hundreds of threats per week – or even per day – alert exhaustion is inevitable, even if you are fully staffed (and who is these days?). So, automation is no longer a nice to have, but an absolute must-have.

VMRay Analyzer’s Connectors and REST API allow you to easily connect, and then immediately reduce the volume of threats your team has to deal with by automatically validating each of them. In other words, VMRay Analyzer sorts and sifts for you, so your team is free to focus on strategic tasks.


Respond Quicker with Deep Dives and Actionable Information

VMRay Analyzer also assists with SOAR response and remediation by enabling deep dives, without overwhelming you with noise.

Instead, it highlights critical intelligence in the online reports, featuring screenshots of the detonation and visual flows of the monitored processes. Our proprietary VTIs are very helpful when it comes to identifying those particularly deadly zero-day threats, APTs and ransomware.

VMRay Analyzer detects the undetectable, and turns the unknown into known.


Unmatched Intelligence and Automation based on the Deepest of Dives

For the trickiest of threats, the deepest dive is necessary and here again, VMRay Analyzer excels.

Within the online reports, detailed tabs take you down to the very lowest level of data detail including IOCs, Network behavior, AV and YARA reports, a MITRE ATT&CK matrix, and much more.

For programmatic interaction and time-saving automation, the complete JSON of the analysis results, and the comprehensive Analysis Archive which has everything you might need, means you can use the Analyzer API to make VMRay Analyzer do whatever you please.


An Assortment of Outputs that Enable Total Automation

It is not easy to predict what data you might need, or in what format, so we provide you with a wide assortment of output options.

These include online and customizable PDF reports, a comprehensive JSON with every analytical detail, a complete Analysis Archive which includes IOCs, screenshots of the detonation, memory dumps and much more.

Not only does your SOAR system get the verdicts and intelligence that it needs, but SIEM, Reporting, Archiving and other systems can be fed too.

Improve attack response automation with accurate and detailed data in various file formats and perfect integration with SOAR Tools

Connect with Ease

Getting set up is easy.

Quickly build your own customized connection using our REST API, or expedite the process with our pre-built Connectors, which are available for leading SOAR Tools.

The VMRay – Cortex XSOAR Connector enables users to design playbooks that involve analyzing a file in the VMRay Platform and retrieving the analysis results and associated threat intelligence.

Playbooks powered by the VMRay – Cortex XSOAR Connector help accelerate incident response and make security operations more scalable and efficient.

The VMRay – IBM Resilient Connector enables users to design dynamic playbooks that involve analyzing a file in VMRay Analyzer, retrieving the analysis results and viewing the associated analysis reports.

Dynamic playbooks powered by the VMRay – IBM Resilient Connector help accelerate incident response and drive down the average time to remediation.

The VMRay – InsightConnect Plugin enables security teams to design workflows that involve analyzing a file in VMRay Analyzer and retrieving the analysis results and associated threat intelligence.

VMRay Analyzer can be used as part of several InsightConnect workflows to mitigate the risk of potentially malicious files.

The VMRay – Phantom App enables security teams to design playbooks in Phantom that involve analyzing a file in VMRay Analyzer and retrieving the analysis results and associated threat intelligence.

VMRay Analyzer can be used as part of several Phantom playbooks including Phishing Investigation and Response or Ransomware Investigation and Containment to mitigate the risk of potentially malicious files.

The VMRay – Swimlane Connector enables users to design playbooks that involve analyzing potentially malicious files in VMRay Analyzer and retrieving the analysis results and associated threat intelligence.

Playbooks powered by the VMRay – Swimlane Connector help automate the incident response process for faster and more efficient advanced threat protection.

ThreatConnect uniquely synergizes SOAR, TIP, and Risk Quantification capabilities in a single platform to provide decision and operational support.

Our VMRay Analyzer ThreatConnect Playbook App augments ThreatConnect by providing threat intelligence and deeper dive analyses based on our best-of-breed sandbox and unique technologies, which in turn enables more informed decisions that can serve as the building blocks for greater orchestration and automation within ThreatConnect.

In addition, EDR and SIEM workflows can be enhanced with more accurate triaging and the elimination of false positives.

2 Convenient deployment options: Choose yours

VMRay Cloud Deployment



Cloud-based deployment offers faster time-to-value.

You don’t need any hardware to purchase or implementation, nor any maintenance effort is required. It’s easier to scale up and offers more flexibility in terms of regional coverage.



VMRay On-Premises Deployment



With on-premise option, no data leaves the organization’s network

It is therefore the preferred option of organizations that are required to keep sensitive data within their own environment for compliance reasons.



We are your Cyber Protection Partner Supporting you at Every Step

From initial contact to successful implementation, we support you every step of the way with complete support, comprehensive documentation (over 1500 pages in HTML and PDF format), and leading-edge research: constantly updating you about the latest threats, from our VMRay Labs Team.