Skip to main content
ThreatConnect Acquires Polarity to Transform How Security Uses Intelligence
Press Release
Request a Demo

ThreatConnect and VMRay: Better Malware Analysis

ThreatConnect and VMRay have improved our existing integration with VMRay Analyzer. This Playbook App will allow you to send malware to a sandbox to be further examined and results retrieved with VMRay Analyzer.  Leveraging this App, you will be able to perform Phishing Email Triage, Endpoint Investigation, or Malware Hunting. This all leads to more informed decision making and more efficient remediation through automation.

VMRay Analyzer > Submit File” Playbook App Template

The VMRay Analyzer Playbook App will enable you to:

  • Build a composite of knowledge for malware variants by overlaying VMRay’s analysis results on top of open-source or premium intelligence information
  • Mine for potential IOCs in the form of C2 nodes, Registry Keys, etc to gain a more holistic understanding of the potential threat by discovering how and where the malware operates
  • Leverage VMRay Analyzer to detonate potentially malicious files as part of an investigation such as phishing email triage, or performing further host-based analysis and remediation
  • Make EDR and SIEM workflows smarter and more efficient by triaging potentially malicious files early on instead of wasting precious time hunting for false positives
  • Address business-security goals by enabling triage and remediation techniques for dealing with malicious phishing email attachments that directly affect end-users

The following actions are available with this Playbook App:

  • Submit File
  • Get File Results
  • Parse File Results

Together, ThreatConnect and VMRay help you to automate remediation tasks and protect your network from sophisticated attacks. If you’re a ThreatConnect customer, please reach out to your dedicated Customer Success Team for more information on utilizing the VMRay Analyzer App. If you’re not yet a customer and are interested in ThreatConnect and this integration, contact us at

About the Author


By operationalizing threat and cyber risk intelligence, The ThreatConnect Platform changes the security operations battlefield, giving your team the advantage over the attackers. It enables you to maximize the efficacy and value of your threat intelligence and human knowledge, leveraging the native machine intelligence in the ThreatConnect Platform. Your team will maximize their impact, efficiency, and collaboration to become a proactive force in protecting the enterprise. Learn more at