Introduction Welcome to 2026! We’re starting the year with a new release of the VMRay Platform, and we’re enthusiastic to share what’s new. This release brings meaningful enhancements designed to improve visibility, accuracy, and usability across the Platform. Here’s a look at what’s included in the VMRay 2026.1.0 release: Redesigned
Another Monday morning in the SOC. You’ve got 3,000 alerts waiting in the queue, half your team is burned out, and that critical vulnerability patch still needs validation. Sound familiar? If you’re reading this, you already know the problem. What you need are the solutions that actually work—not marketing promises,
Every SOC analyst knows the feeling: another day, another thousand alerts. You’re stuck triaging the same phishing emails, investigating endpoint alerts that turn out to be false positives, and manually enriching indicators while real threats slip past. Sound familiar? Here’s what we’ll cover: what SOC automation actually is (and what
The AI Buzz—and the Backlash AI has become the new zero-trust: everyone claims to have it, few can prove it works. When we recently sat down with two veteran CISOs from heavily regulated industries, the message was blunt: “If AI doesn’t save my analysts time or fit into the stack
The Labs team at VMRay actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention. We complement this effort with our internal tracking and monitor events the security community reports to stay up-to-date with the latest changes in the cyber threat landscape. In November 2025,
When your organization experiences a security breach at 2AM, the question isn’t whether you have tools. It’s whether those tools help your team respond fast enough to contain the damage. With breach costs averaging $4.45 million and attackers moving faster than ever, your incident response toolkit should have the right
The question facing security leaders today isn’t whether your organization will experience a cybersecurity incident, but how effectively you’ll respond when one occurs. With average breach costs exceeding $4.45 million according to IBM’s latest Cost of a Data Breach Report, and mean time to identify breaches hovering around 204 days,
NATO and its partners face a rapidly evolving landscape of hybrid threats that continuously target both military and civilian infrastructures through cyberspace. This article explores how advanced cyber technologies and collaborative practices support resilient cyber defence operations for the Alliance. Understanding Hybrid Threats Hostile cyber operations against critical functions such
Security breaches won’t wait for your next quarterly scan. But what if you could shift from reactive firefighting to continuous, proactive threat management? That’s what Continuous Threat Exposure Management (CTEM) is designed to deliver. In this article, we’ll walk through what CTEM is, why it matters more than ever
Most teams treat a block as the end of the story: defense succeeded, move on. That’s true — but incomplete. Microsoft Defender and Sentinel do an excellent job surfacing and stopping threats. What many SOCs miss is the next step: turning those blocked alerts into fresh, environment-relevant threat intelligence that
Updated on: 2025-11-17 Attackers don’t need a lot of noise to get in. One phish, one macro, one stale control, and they’re inside. This post covers what Advanced Threat Protection (ATP) is, the threats it stops, how it works in real pipelines, and the outcomes SOC teams care about, like
A Security Operations Center (SOC) is the heart of modern cyber defense. It monitors, detects, and responds to threats that can compromise business continuity, data integrity, and trust. Yet even with advanced tools, a SOC’s effectiveness depends on how well it is structured and managed. This guide explores 10 Security
Introduction The pace of innovation hasn’t slowed in 2025, and neither have we! With three impactful releases already rolled out, we continue to strengthen the VMRay Platform with comprehensive updates that empower analysts, enhance detection accuracy, and boost overall performance. Now, without further ado, let’s dive into the highlights of
Security teams today face an uncomfortable paradox: the tools designed to strengthen defenses often flood them with alerts. As threat volumes rise and attacks evolve faster than ever, manual triage and containment simply cannot keep up. Automated incident response (IR) bridges that gap. It uses predefined logic, integrations, and validation
As organizations move toward Cybersecurity Maturity Model Certification (CMMC), they must prove they can identify, analyze, and respond to cyber threats. Whether preparing for Level 2 or aiming for Level 3, the ability to investigate advanced attacks with confidence is no longer optional but essential. CMMC Level 2 introduces practices
The Labs team at VMRay actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention. We complement this effort with our internal tracking and monitor events the security community reports to stay up-to-date with the latest changes in the cyber threat landscape. In October 2025,
If you’re tracking fast-moving malware (think infostealers, loaders, cryptominers) and drowning in indicators, VMRay UniqueSignal + OpenCTI gives you high-fidelity, malware-centric context you can act on—without building a heavy/spaghetti enrichment pipeline. This post lays out 5 real problems security teams face and how this integration solves them, with concrete use
Over the last 6–9 months, we have witnessed many CISOs and their teams making strategic decisions about how they approach and harden their malware and phishing defenses: I had a chance to observe and discuss at the Gartner Risk & Security Summit in London last week. Here are
Overview As announced in our VMRay 2025.3 Release highlights blog post, our phishing detections on cloud are now powered with Computer Vision capabilities. This allows VMRay’s threat identifiers (VTIs) to detect brands and page structures based on how they appear to the end user, which makes them more resilient
Learning from an Attack: How the VMRay + SentinelOne Integration Delivers Full Threat Context Through Automated Malware Analysis Introduction When a cyberattack hits, stopping it is only half the battle — understanding what the attacker was trying to do is the other half. That’s where the VMRay + SentinelOne integration
Updated on 2025-10-14 The threat intelligence lifecycle is a structured six-stage process that transforms raw, unfiltered threat data into actionable intelligence. It provides security teams with a systematic approach to identify, contextualize, and mitigate cyber threats effectively. Unlike traditional threat detection, which often reacts to alerts after suspicious activity is
Phishing attacks hit organizations every 30 seconds. Cybercriminals are getting bolder and smarter, targeting businesses with fake emails, malicious links, and convincing scams that even trained employees can fall for. In this guide, we’ll break down everything you need to know about anti-phishing software: what it is, how it works,
The Labs team at VMRay actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention. We complement this effort with our internal tracking and monitor events the security community reports to stay up-to-date with the latest changes in the cyber threat landscape. In August 2025,
Automation and AI are reshaping how Security Operations Centers (SOCs) work. That’s a good thing, but only if the systems you automate and the models you train are fed high-quality, reliable data. When you hand decision-making to AI-assisted investigators or automated playbooks, you need the behavioral truth. You need
Introduction Scalable Vector Graphics (SVG) files are increasingly being abused as initial phishing vectors. By embedding scriptable content directly in standalone “.svg” files, which users typically perceive as benign images, threat actors are executing JavaScript code while evading traditional static analysis and email filters. At VMRay, our continuous threat monitoring
Executive Summary VMRay strengthens the AI-enabled SOC by delivering high-fidelity, fact-based threat intelligence that powers accurate, explainable, and actionable AI outcomes. Better AI decisions: High-quality sandbox & TI data for training and enrichment. Explainable alerts: Human-readable evidence grounds AI in reality. Smarter triage: Verdicts and risk scores prioritize the right
The Labs team at VMRay actively gathers publicly available data to identify any noteworthy malware developments that demand immediate attention. We complement this effort with our internal tracking and monitor events the security community reports to stay up-to-date with the latest changes in the cyber threat landscape. In July 2025,
If you’re drowning in Microsoft Defender alerts, you’re not alone. Security teams across the globe face the same challenge—too many notifications, not enough time, and critical threats slipping through the cracks. This article will walk you through proven strategies to cut through the noise so you can focus on what
Updated on 2025-10-29 Threats are evolving at lightning speed, and the vulnerabilities they exploit can appear in places you least expect. The first step to protecting your organization is simple: understand the information security risks you face and your broader cyber risk profile. From there, it’s about building a clear,
Introduction Since the release of VMRay Platform 2025.2, we’ve had a busy start to the summer. Back then, we introduced SVG file analysis, a feature that continues to gain traction as threat actors increasingly adopt SVG-based phishing delivery techniques. If you’re curious about the evolution of SVG threats and how