About The Partner:
ThreatQuotient improves security operations by fusing together data sources, tools & teams to accelerate threat detection & response. ThreatQuotient’s data-driven security operations platform helps teams prioritize, automate & collaborate on security incidents; enables more focused decision making & maximizes limited resources by integrating existing processes & technologies into a unified workspace.
Learn more
ThreatQ + VMRay Platform
VMRay Platform flexibly integrates with ThreatQ, automating the submission of files and URLs for analysis. Precise and actionable results are returned back that drive TI enrichment, block/allow decisions, threat hunting workflows and other security measures across the whole enterprise fleet. The Integration is available in two parts : VMRay TI Extraction and VMRay Operation.
Download The Solution Brief
VMRay Operation Connection Capabilities
Connects Into Analyzer: Yes – The VMRay Operation is used to submit URLs, FQDNs and File Objects to VMRay Platform for analysis and retrieve reports in PDF format. File and URL analysis results including Verdicts, IOCs, VTIs, and YARA rule matches; malicious file hashes into ThreatQ (Threat Intel)
Use Cases: Enhanced Threat Intelligence, IOC Mining, Secure Detonation, Binary Evaluation
Try The Integration NOW
VMRay TI Extraction Connection Capabilities
Connects Out of Analyzer: Yes – The VMRay TI Extraction ingests threat intelligence data that has been submitted to VMRay Platform via the “VMRay Operation”. VMRay Platform returns Indicators of type URL, MD5, SHA-1, SHA-256, Fuzzy Hash, IPv4 Address, Registry Key, Filename, FQDN and Malware Objects, Attack Patterns and uses basic HTTP authentication based on API key
Use Cases : Enhanced Threat Intelligence, IOC Mining, Detonation, Threat Hunting
Try The Integration NOW
