Discover how Expel, a global leader in IDC’s Marketspace for Managed Detection and Response (MDR) improves economy of service with VMRay.
Meet Expel, a global leader in IDC’s Marketspace for Managed Detection and Response (MDR). Their aim is to set the standard for transparent managed security, merging cutting-edge technology platforms with a fully equipped Security Operations Center (SOC).
Their harness security signals from their customers’ existing investments, providing comprehensive alert management and investigation capabilities around the clock.
“We took a look at a number of different sandboxes and chose VMRay for a number of reasons. -one of them in particular was that it gave us the best interface for analysts to use in terms of simplicity but the information they surfaced was exactly what we needed to keep our analysts moving quickly through the investigative process.”
Matt Peters, Chief Product Officer -former-
“Our goal here at Expel is answers, not alerts. We’re trying to pull the pieces of the puzzle together and be able to give the full story of an intrusion or attacker activity in the client’s system.
So, VMRay and its automated analysis has become an efficient time saver for us.”
Tyler Fornes, Principal Security Solutions Architect
In the realm of cybersecurity analysis, the quest for a trifecta—accuracy, depth, and speed—is often elusive. Many solutions force a trade-off, sacrificing one element for the sake of the others. Some provide swift analyses, but at the cost of accuracy or depth. Others, in pursuit of precision and depth, extend the duration of the analysis.
VMRay stands out by breaking this paradigm. It successfully unites accuracy, depth, and speed, offering security teams the rare advantage of comprehensive, precise, and time-efficient threat analyses. With VMRay, security professionals can navigate the intricate landscape of cyber threats without compromise.
“Typically, in the past, we might have had to wait hours or even days for L2 or L3 teams to investigate such an attack but with VMRay I can have that done in less than 15 minutes.”
Tyler Fornes, Principal Security Solutions Architect
“The most important capability in our investigative toolkit is VMRay.
Whether it’s investigating a suspicious link that redirects to a credential harvester or a suspicious Microsoft Word document that may contain malicious macros – VMRay allows us to detonate these samples safely and generate a detailed report of the resulting activity.
Armed with this information, we provide detailed, thorough recommendations to our customers.”
Ray Pugh – Director, Security Operations
Expel’s phishing service combines automated triage with meticulous manual analysis of reported emails, integrating seamlessly with endpoint detection and response (EDR) tools for a comprehensive security approach. VMRay’s integration enables simultaneous analysis of multiple samples, empowering analysts to deliver timely responses critical in the time-sensitive cybersecurity landscape.
VMRay’s unique approach to sandbox-evading malware involves a realistic simulation of a user endpoint, ensuring effective analysis of even the most sophisticated threats. The Expel Workbench streamlines this process, facilitating automated querying and enabling swift pivoting into the console for deeper investigations.
This integrated workflow allows Expel to efficiently scope environments for potential compromise, providing a targeted remediation response. In instances of active compromise, Expel engages customers promptly, collaborating until resolution. This streamlined approach, supported by VMRay’s capabilities, underscores Expel’s commitment to delivering effective and timely cybersecurity solutions.
For further details, you can read Expel’s blog post about how they use VMRay: https://expel.com/blog/how-we-use-vmray-to-support-expel-for-phishing/
“The most important capability in our investigative toolkit is VMRay.
Whether it’s investigating a suspicious link that redirects to a credential harvester or a suspicious Microsoft Word document that may contain malicious macros – VMRay allows us to detonate these samples safely and generate a detailed report of the resulting activity.
Armed with this information, we provide detailed, thorough recommendations to our customers.”
Ray Pugh – Director, Security Operations
Check our latest insights on malware, phishing, sandboxing, AI in cybersecurity, and much more.
Browse the courses about alert handling, deep threat analysis and response, threat intelligence generation and more.
See real-world examples of VMRay’s best-in-class malware analysis and detection platform.
Ready to stress-test your malware sandbox? Join us for a no-fluff, all-demo webinar that shows you real techniques to evaluate and optimize your sandboxing solution!