Explore how a European banking giant transformed its security against malware and phishing threats with the VMRay Platform.
In today’s highly regulated and data-sensitive environment, the Banking, Financial Services, and Insurance (BFSI) industry faces a unique set of security challenges. Protecting not only their own assets but also the sensitive data and financial resources of their customers is paramount.
In this success story, we explores how VMRay partnered with one of Europe’s largest BFSI organizations to enhance their cyber resilience through reliable and scalable threat analysis and a proactive security approach.
The Customer, a BFSI giant with over 50,000 employees, operates at the forefront of the European financial landscape. In an industry where data security and privacy are of utmost concern, the Customer relies on on-premises solutions as well as in-house created security tools to safeguard their assets and meet stringent regulatory requirements.
BFSI companies, known for their rigorous regulatory environment, prioritize the security of customer data and financial resources. VMRay’s approach of providing comprehensive features and capabilities for both on-premises and cloud deployments proved to be a significant differentiator.
Initially, the Customer engaged with VMRay to bolster their deep threat analysis capabilities. The VMRay platform became their primary sandbox for Incident Response, Forensics, Investigations, and Reverse Engineering. The value VMRay provided in these critical areas were clear: accurate and in-depth visibility into the threats, and clear reporting that benefited not only the expert analysts but also the rather less experienced ones.
“VMRay provided us with unparalleled accuracy, depth, and precision in understanding threats and responding to incidents in a timely manner. We use VMRay’s MITRE mapping to map to our detection capabilities and identify gaps in security posture.”
As the partnership evolved, the Customer embraced more advanced use cases, including Proactive Threat Hunting. VMRay’s platform provided clear, actionable Indicators of Compromise (IOCs) that empowered the Customer to proactively hunt for threats. The IOCs and data about the threats were both accurate and relevant, as the VMRay Platform filters out the irrelevant artifacts and noise to provide a clear, actionable and easy-to-understand output.
This transition marked a shift towards building a proactive security approach, allowing the Customer to be ahead of emerging threats rather than reacting to existing ones.
The platform’s malware configuration extraction feature also played a vital role in this endeavor, enabling the Customer to follow the traces of malware families and mitigate threats effectively.
“With VMRay’s actionable IOCs, we’ve transformed our threat hunting from reactive to proactive, staying ahead of emerging threats.”
For the Customer, security automation was a key element of their strategy. They utilized a security orchestration tool, developed in-house, which served both as a Security Orchestration, Automation, and Response (SOAR) tool and a Threat Intelligence Platform (TIP). This tool orchestrated automated workflows, and stored IOC collections from analyzed samples to ensure preparedness against future attacks. VMRay’s actionable IOCs were instrumental in this process, as their precision and relevance enabled the Customer to trust the data and act swiftly.
“VMRay shatters the common belief that reliability and speed are mutually exclusive. We get both, and it’s a game-changer.”
With around 8,000 samples collected from various sources, including SEC email gateways, EDR, AV, and other security tools, the Customer required scalability and speed in their threat analysis. VMRay excelled in this aspect, offering deep yet rapid analysis. The platform’s ability to deliver both speed and quality became a distinct advantage for the Customer.
Expanding their usage of the VMRay platform, the Customer ventured into user-reported phishing analysis. This marked yet another differentiator of the VMRay Platform. Beyond analyzing malicious samples, the platform employs its capabilities to analyzing emails, email attachments (even when password-protected), and URLs.
“The reliability and speed of VMRay’s analyses convinced us to expand into user-reported phishing, solidifying our trust in the platform.”
Looking ahead, the Customer is eager to maximize their use of VMRay’s new portfolio. They value the platform’s in-depth analysis capabilities, which transcend mere malware classification. They seek the trifecta of speed, scale, and reliability in threat analysis. Additionally, the Customer plans to implement VMRay’s platform for Alert Enrichment, further enhancing their security operations and automation playbooks.
Despite operating in a highly-regulated industry, the Customer is considering a move towards cloud deployment for various advantages of working on the cloud. However, this transition requires unwavering trust in data privacy. VMRay’s commitment to customer data privacy, ensuring it remains solely in the customers’ control even in a cloud-hosted environment, positions the company as a leader in this respect.
The Customer also emphasizes the importance of robust support during implementation, integrations, and connector setups. VMRay’s professional services, including onboarding, deployment support, automation integrations, and training, meet these critical needs.
“VMRay’s commitment to data privacy makes us confident about transitioning to cloud deployment, a significant advantage in our highly-regulated industry.”
Digital transformation is the way forward. The BFSI companies need to develop and new digital products and services. In this highly-regulated and data-sensitive BFSI landscape, the Customer found a trusted companion in VMRay.
By delivering unparalleled accuracy, in-depth analysis, scalability, and speed, VMRay has empowered the Customer to bolster its security posture, develop a proactive and fact-based security, and embrace innovative security use cases. The Customer’s journey with VMRay is a testament to the platform’s reliability and effectiveness in securing critical industries.
For the deep threat analysis purposes, the customer needed the accuracy, depth and precision that VMRay Platform offers to understand the threats and respond to incidents on time with reliability.
They wanted to develop a proactive and fact-based security approach to have a complete understanding of the threat and improve detection capabilities, to have a stronger security posture when faced with the threat in the future.
Check our latest insights on malware, phishing, sandboxing, AI in cybersecurity, and much more.
Browse the courses about alert handling, deep threat analysis and response, threat intelligence generation and more.
See real-world examples of VMRay’s best-in-class malware analysis and detection platform.