Remediation and Resilience: Preventing Attacks Now and in the Future
Tyler Fornes explains how Expel uses VMRay Analyzer to identify and scope malicious activity across its clients and, based on the information VMRay Analyzer provides, to deliver “remediation and resilience actions for our clients” that stop the imminent attack and also help prevent similar attacks in the future. He explains that the VMRay Analyzer sandbox aids the investigation of malware by clarifying “what story it is telling” and “what is the capability of this malware”. The sandbox is particularly powerful for Expel because of the vast assortment of target environments it has available, which can be used to analyze “highly customizable” exploits that prey on specific versions of Office or Adobe. Even more critically, sophisticated malware today is well aware of sandboxes and often has built-in anti-sandboxing techniques. The sandbox’s unparalleled evasion resistance reigns supreme here and allows Tyler to run the software without any manual intervention.