Introduction
Finally, spring has come to our headquarters, bringing a fresh and new start. The freshness came around to VMRay’s products, too, as we are proud to introduce our new product portfolio that aims to boost the productivity of security operations. You will find more information on our products further in this post and on our website, and now let’s dive into our latest achievements of the 2023.2.0 release:
- New product portfolio with extensive product plans
- Adding support for OneNote samples
- Keeping up to date with the threat landscape
New Product Portfolio
Meet DeepResponse, FinalVerdict and TotalInsight. Each product offers various plans that address the needs of different customers with unique usage behaviors. All three products are built on the highly efficient VMRay Platform.
With the new product portfolio, we offer unlimited plans and the ability to switch between products and plans to fit the scaling needs of our customers. As of 2023.2.0, the products can be licensed for Cloud and On Prem customers. Your account manager will provide full details on the available products, plans and configurations.
Let’s take a closer look at each product’s capabilities.
DeepResponse
With a focus on speed and efficiency, DeepResponse accelerates the investigation and provides you with the necessary insights to fully understand the threats you face.
DeepResponse supports manual submissions via the Console and analyses of many malware samples on multiple operating systems with extensive configuration options. This product is intended to help SOC Analysts reduce incident response times, improve the ROI of your threat-hunting efforts, and enable you to start your detection engineering journey efficiently.
FinalVerdict
As the single reliable source of truth, FinalVerdict provides timely insights into malware and phishing threats. With FinalVerdict, you can use automatic sample submission via API to respond to advanced threats and increase SOC effectiveness.
For large enterprises and MSSPs, FinalVerdict is intended to help you automate the triage of EDR/XDR/SIEM/SOAR malware-related alerts to identify “suspicious” alerts as malicious or benign, with seamless integration into other industry-leading security platforms.
TotalInsight
With advanced monitoring & detection capabilities, configuration extraction, IOC scoring technologies, and an API-first approach, TotalInsight enables you to quickly & effectively analyze even the most evasive malware samples and turn them into accurate, actionable intelligence.
TotalInsight is the most versatile product, allowing manual and automated sample submissions, including full reporting, reliable verdicts at scale, and robust API integrations with numerous Threat Intel platforms and cyber security frameworks. This fully autonomous product studies malware sample behavior, filters out all non-malicious activities, and provides you with fully actionable IOCs and more valuable insights. TotalInsight is the most scalable product, with the largest User Quota and Dynamic Analyses available monthly.
For government & private sector organizations, TotalInsight can help you curate your own threat intelligence to better defend against targeted, custom-crafted, and industry-specific threats.
VMRay Analyzer Retirement
With the rollout of DeepResponse, FinalVerdict and TotalInsight, our legacy product – VMRay Analyzer – is discontinued. As a consequence, new functionalities may not be included in legacy plans in the future.
Current Analyzer plans are still supported for existing customers.
Microsoft OneNote Document Samples Support
Recently we observed some interesting and highly impactful changes in the threat landscape. In early 2023, complex malware actors adopted the technique of using OneNote files to deliver well-known malware families such as QBot, Emotet, BumbleBee, and AsyncRAT, among others. We immediately rolled up our sleeves and addressed this latest malware technique by adding analysis of the OneNote file type to VMRay Platform products.
The embedded files from OneNote samples get extracted and then recursively analyzed as part of the analysis. The file extraction is implemented for .one files; we do not support .onetoc2 yet.
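As an added illustration (not VMRay's implementation, which this post does not describe), the code below carves embedded files out of a .one file by locating FileDataStoreObject structures as laid out in Microsoft's MS-ONESTORE specification, and recurses into embedded .one files. The function names, the recursion limit and the sample bytes are assumptions constructed for this example.

```python
import struct
import uuid

# GUIDs from the MS-ONESTORE specification, in on-disk (little-endian) order.
ONE_FILE = uuid.UUID("7B5C52E4-D88C-4DA7-AEB1-5378D02996D3").bytes_le      # .one
ONETOC2_FILE = uuid.UUID("43FF2FA1-EFD9-4C76-9EE2-10EA5722765F").bytes_le  # .onetoc2
FDSO_HEADER = uuid.UUID("BDE316E7-2665-4511-A4C4-8D4D0B7A9EAC").bytes_le   # FileDataStoreObject

MAGICS = [(b"MZ", "pe"), (b"PK\x03\x04", "zip"), (b"%PDF", "pdf"), (b"\x89PNG", "png")]

def classify(blob):
    """Coarse file typing by leading bytes (illustrative, not exhaustive)."""
    if blob[:16] == ONE_FILE:
        return "onenote"
    if blob[:16] == ONETOC2_FILE:
        return "onetoc2"
    return next((name for magic, name in MAGICS if blob.startswith(magic)), "unknown")

def carve(data):
    """Yield the FileData payload of each FileDataStoreObject in data."""
    pos = data.find(FDSO_HEADER)
    while pos != -1:
        # Layout: guidHeader(16) cbLength(8) unused(4) reserved(8) FileData
        body, nxt = pos + 36, pos + 16
        if body <= len(data):
            (size,) = struct.unpack_from("<Q", data, pos + 16)
            if size <= len(data) - body:      # reject lengths running past EOF
                yield data[body:body + size]
                nxt = body + size             # skip payload: no double counting
        pos = data.find(FDSO_HEADER, nxt)

def triage(data, depth=0, max_depth=3):
    """Return (depth, kind, size) per embedded file, recursing into .one files."""
    if classify(data) != "onenote" or depth >= max_depth:
        return []                             # .onetoc2 is deliberately not parsed
    found = []
    for blob in carve(data):
        found.append((depth + 1, classify(blob), len(blob)))
        found.extend(triage(blob, depth + 1, max_depth))
    return found

def _fdso(payload):
    """Build a minimal FileDataStoreObject (constructed sample, no footer)."""
    return FDSO_HEADER + struct.pack("<Q", len(payload)) + b"\0" * 12 + payload

# Constructed sample: a .one holding a PDF stub and a nested .one with a PE stub.
INNER = ONE_FILE + b"\0" * 32 + _fdso(b"MZ" + b"\x90" * 62)
SAMPLE = ONE_FILE + b"\0" * 32 + _fdso(b"%PDF-1.7 stub") + _fdso(INNER)

if __name__ == "__main__":
    for depth, kind, size in triage(SAMPLE):
        print("  " * depth + f"{kind} ({size} bytes)")
```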
Final Thoughts
Ultimately, we hope that the new VMRay product offering will help you address all sorts of SOC & TI-related challenges and boost your productivity and efficacy. Enjoy the freshness of spring with us and follow our ongoing journey.
Soon, the summer heat will increase. Until then, we await the next stop to bring some coolness to our analysis capabilities.