VMRay is a best-in-class, automated malware triage and phishing analysis platform to assist Security Operations Centers (SOCs) with potential malware threats and the enrichment of EDR alerts with detailed IOCs and artifacts. When combined with Microsoft Defender for Endpoint, investigations are accelerated, and attacks can be quickly contained to minimize the risk of compromise.
VMRay’s integration with Microsoft Defender for Endpoint easily automates Tier 1 SOC tasks in high-volume alert environments, providing alert enrichment and confident verdicts and aiding automated responses to stop attacks before they happen.
EDR alert validation can also dramatically reduce false positives and alert fatigue in the SOC, minimizing the reliance on skilled human analysts and releasing them from mundane, repetitive tasks.
Augmenting the Microsoft Defender for Endpoint solution with VMRay provides SOC teams with the ability to automatically identify and mitigate both known malicious threats and previously unknown zero-day threats.
Ultimately, Microsoft Defender and VMRay reduce the SOC’s Mean Time To Detect (MTTD) and Mean Time To Resolution (MTTR), enhancing the overall economy of service.
Microsoft Defender for Endpoint is an enterprise endpoint security platform designed to help enterprise networks prevent, detect, investigate, and respond to advanced threats. Recently named a leader in The Forrester New Wave™: Extended Detection and Response (XDR) Providers, Q4 2021, Microsoft Defender for Endpoint integrates with security information and event management (SIEM) and EDR/XDR solutions to increase efficiency and effectiveness while securing an organization’s digital estate.