The Sandbox Technology Gold Standard for Malware Detection and Analysis - Made-In-Germany.

Highly resistant to Sandbox Evasion

Complete visibility of malware behaviour

Shortening of the dwell time of attackers

Highly scalable, without compromising the quality of analysis

VMRay Logo

Unique selling points

  • Internationally recognised technology experts

    The founders of VMRay, Dr. Carsten Willems and Dr. Ralf Hund, are internationally recognized pioneers and experts in the field of malware sandboxing. They come from the cybersecurity talent pool of the Ruhr-University Bochum and have translated their research work into industry-leading technologies to protect against advanced malware threats.

  • Excellent worldwide reputation with SOC and IR teams

    VMRay has built an excellent reputation and credibility by working with many well-known private and public companies as well as public authorities and government-related organisations.

  • High-performance, worldwide unique technology

    VMRay solutions are based on agentless, hypervisor-based technology that is virtually invisible to malware. Since no obfuscation attempts are triggered by the malware, VMRay technologies are highly resistant to Sandbox Evasion. This "invisibility", combined with high-performance analysis execution, provides security teams with detailed insight into malware behaviour. VMRay sees significantly more than traditional sandboxing technologies.

     

Function Overview

VMRay is the leading provider of sandbox technologies for cyber threat detection and analysis.

In the Cyber Security environment, a sandbox refers to a sealed off secure area where potentially unsafe actions or malware can be executed by attackers and the effects of the execution can be analysed. The validation of a potentially damaging action ensures that IT systems can run safely and stably and prevents the attackers from stealing sensitive company data or sabotaging critical systems.

To detect malware, VMRay combines various complementary technologies in a three-step analysis process To this end, suspicious files from various sources are collected, analysed and prepared in detailed reports.

Reliable IOCs (Indicators of Compromise) are extracted from the mass of forensic data, while conspicuous but harmless background noise is filtered out just as reliably - a relief for security teams plagued by Alert Fatigue.

NOW analysis level

VMRay's fast Reputation Engine identifies known benign, malicious and potentially dangerous files within milliseconds.

NEAR analysis level

VMRay's Static Analysis Engine extracts and analyses suspicious files and URLs, filters out malicious elements and deobfuscates active code.

DEEP analysis level

VMRay's Dynamic Analysis Engine detects zero-day and highly invasive Malware and complex, targeted attacks.

Product overview

VMRay's solution portfolio consists of VMRay Analyzer, VMRay Detector and VMRay Email Threat Defender.

VMRay Analyzer

VMRay Analyzer is the gold standard for dynamic malware analysis, providing granular insight into the behavior of zero-day attacks, highly evasive/amorphous malware, and targeted, complex attacks. Primarily used in the areas of Digital Forensics & Incident Response and SOC.

Key features and benefits include Alert Triage, automated extraction of IOCs (Indicators of Compromise), generation of Threat Intelligence, detection of attack vectors, acceleration of Incident Investigation and Response. Available as OnPremises and Cloud solution for Windows and MacOS.

VMRay Detector

VMRay Detector is an add-on to VMRay Analyzer (not available as a stand-alone product) and is designed to scan large volumes of potentially dangerous files. The result is returned as a verdict on the type and damage potential (score) of the examined samples. Granular reports with a high level of detail, as with VMRay Analyzer, are not generated. Primarily used in the SOC area. Among the primary functions and advantages Advanced Threat Detection, Alert Triage, high performance and scalable (verdict within seconds). VMRay Detector is available as OnPremises and Cloud solution for Windows and MacOS.

VMRay ETD

VMRay Email Threat Defender increases the effectiveness of existing email security systems (e.g. gateways). The solution focuses on advanced threat detection, i.e. the detection of advanced malware that is able to bypass traditional anti-phishing and anti-SPAM measures.
Primarily used in the SOC sector. The results of the analysis are returned in the form of a verdict with an evaluation of the threat potential (score). The functions include: Automated scanning of incoming emails, analysis of content, attachments and embedded URLs, automated information from affected users and the security team. Available as on-premises or cloud solution.

Licensing

  • A quota of 100 incoming malware analyses per day is licensed, with the result being issued as a detailed report.
  • Unused analysis quotas cannot be carried over to the next day.
  • VMRay Analyzer is available as a cloud or OnPremises solution in the form of subscription or perpetual licenses.

Licensing

  • A VMRay Analyzer licence is required
  • A quota of 100 malware analyses per day is licensed, whereby the results are displayed as verdicts (versus detailed reports as with VMRay Analyzer).
  • Unused analysis quotas cannot be carried over to the next day.
  • The number of detailed malware analysis reports is limited to the underlying quota of VMRay Analyzer.
  • VMRay Detector Addon is available as a cloud or OnPremises solution in the form of subscription or perpetual licenses.

Licensing

  • The number of existing user mailboxes is licensed.
  • VMRay Email Threat Defender is available as a cloud or OnPremises solution in the form of subscription licenses.

Impact of VMRay technology
on security, compliance, processes and scalability

Impact on security

Sandboxing solutions are important building blocks in a company's security stack; they serve to detect and analyse modern malware. VMRay products can fulfil this task in a unique way. However, their full potential is unlocked by integrating them into the existing security landscape, because VMRay delivers threat information that can significantly increase the efficiency of individual systems. If the entire security stack benefits, the result is a significantly improved cyber-resilience of the company.

Impact on compliance requirements

VMRay supports companies in meeting internal, national and international compliance requirements. VMRay operates data centres both in Germany and in the USA, which is an important criteria for companies with data storage requirements. VMRay has ISO 27001 certification, both data centres are DSGVO / GDPR compliant and also comply with the California Data Privacy Act and the Singapore Monetary Authority Guidelines. VMRay technologies support Single Sign-On (SAML 2.0 support) and Multi-Factor Authentication (Time-Based One-Time Password).

Impact on the optimisation of IT resources

Features such as automated detection and analysis of suspicious files, reports with varying levels of detail and alert triage help IR and SOC teams to cope with their many tasks and enable security teams with thin staffing levels to implement scalable processes. VMRay technologies are known for extracting reliable IOCs from the mass of forensic data and filtering out conspicuous but legitimate background noise. This is done fully automatically and protects security teams from the now problematic "alert fatigue", the overload and fatigue caused by false alarms.

Vendor support

  • Support is provided for active maintenance, i.e. subscription or perpetual maintenance.
  • Support is available via web or e-mail.
  • Support hours: 8x5, during normal business hours

Certifications

  • GDPR Compliant
  • ISO27001

Technology partnerships of the vendor

VMRay works closely with leading cyber security and infrastructure vendors to provide seamless, holistic solutions for advanced threat detection and analysis. Amongst others, VMRay works with technology partners in the areas of Endpoint Protection (EPP), Big Data, Gateway Security, SecOps Automation (SOAR) and Threat Intelligence Platform (TIP).

  • Anomali (SOAR & TIP)
  • Carbon Black (EPP)
  • Cybereason (EPP)
  • Cybersponse (SOAR & TIP)
  • EclecticIQ (SOAR & TIP)
  • IBM Resilient (SOAR & TIP)
  • InQuest (Big Data)
  • MISP (TIP)
  • Palo Alto Networks – Demisto (SOAR & TIP)
  • Rapid7 (SOAR & TIP)
  • SentinelOne (EPP)
  • Siemplify (SOAR & TIP)
  • Splunk-Phantom (SIEM, SOAR)

  • About VMRay

    VMRay has a clear mission: to help companies protect themselves against the growing global malware threat.

    VMRay's automated malware analysis and detection technologies help companies around the world to mitigate business risk, protect valuable data information, and sustain reputation.

  • References

    Many global companies have already chosen VMRay to detect and analyze zero-day threats and complex targeted malware, but most want to remain anonymous. But this much can be said: 3 of the 5 FAANG technology giants (Facebook, Amazon, Apple, Netflix, Google), 4 of the 6 largest accounting firms, 10 global financial groups and 65 national and international government institutions are among VMRay's satisfied customers.

  • Benefits of a partnership with VMRay

    • Made-in-Germany", ISO 27001 certification as well as data centres either in Germany or the USA are strong sales arguments.
    • The market for detection and DFIR technologies offers double-digit growth opportunities and attractive margins.
    • Cooperation with an up-and-coming company on a global expansion course.
    • Partners can generate above average consulting and service revenues with VMRay.
    • Partners can quickly offer consulting services in the MITRE ATT@CK environment.
    • Partners benefit from the great cross-selling potential with existing customers, as threat detection is a market of the future.

  • Benefits of a partnership with ectacom

    • 17 years of successful cybersecurity distribution in Central and Eastern Europe
    • Growth-enhancing partner marketing campaigns
    • Experienced Cybersecurity Senior Product Management
    • Extensive VMRay professional services, e.g. pre-sales support on site or remote
    • Sales and technical training for partners at ectacom locations, on-site or as virtual training

Do you have questions about VMRay?

Contact us:
Tel. +49.8102.8952-0

Or write to us:

Contact form

Further Informations:

For more information, visit
the Vendor’s website:

www.vmray.com
Ectacom HQ Munich

ectacom GmbH
+49 8102 8952-0
Friedrich-Bergius-Str. 12
D-85662 Hohenbrunn

ECTACOM Vienna

ectacom Salesoffice
+43 664 42 20 555
Am Europlatz 2
A-1120 Wien

ECTACOM POLAND

ectacom Salesoffice
+48 501 295 580
This email address is being protected from spambots. You need JavaScript enabled to view it.
Warsaw