VMRay Platform v4.2.0 offers a variety of new features and enhancements, one of which is the Non Intrusive TLS Visibility. This hypervisor-based solution is able to decrypt TLS traffic in a transparent and scalable way.
Why use VMRay v4.2.0?
- Increased trend of attackers choosing to transmit data over TLS
- Attackers often misuse or exploit legitimate websites to host malicious payloads
- Most legitimate websites are served over HTTPS, which attackers benefit from TLS
With VMRay Platform v4.2.0, it supports decryption of TLS traffic, regardless of whether the malware uses well-known functions, for example, provided by the native WinAPI, or is equipped with these functions itself.
In v4.2.0, the following enhancements were made:
Optical Character Recognition (OCR). The programme will automatically extract suspicious texts.
VBA Stomping. The programme will examine p-code and VBA code to look for mismatches.
Live interaction. The programme is able to interact with detonation of a URL during both dynamic and web analysis.
Role-based access control. Account managers will be able to assign and manage individual user permissions. Roles consist of Administrator, ETD Administrator, ETD Analyst, ETD User, Standard User, and Isolated User.
Reputation Analysis. Display status of your account reputation setting on the dashboard. Can be switched on and off by the account manager.
Windows Installer Patch Protection. An extension of .msp has been added.
API Integrations. Included an integration Kit with pre-defined python code that is ready to use.
Expanded Operating System Support. Support for Windows 10, version 1809 (Redstone 5), has been added to both the Cloud and On-Premises versions. Support for macOS Mojave (v10.14) has been added to the Cloud version.
Included package manager, Chocolatey. Added Chocolatey support for On-Premises customers to expedite the installation of software on VMs.
Two Retrospective features. Included a second Link Detonation as well as a second Reputation Analysis. User can specify the exact time of day to run the second detonation, as well as the Timezone and the Time Window (i.e., how many hours after the initial detonation).
Automatic Updates Every Hour on the Hour. Included new detection update features, allow users to define the update interval.
Improved Installation Documentation for Seamless Setup. Included a brand new Installation Guide for On-Premises customers. It consists of 100 pages of hands-on and step-by-step information, with accompanying checklist for progress tracking.
If you are interested in v4.2.0, click here to request a trial of VM Ray.