Yes, but it's emulation and not virtualization based. In general, our experience has taught us that virtualization based technology is particularly important for forensic and full attack chain analysis targeting a very specific environment. Unfortunately, the downside of such in-depth analysis is speed (time to reporting is typically within 5-10 minutes), scaling challenges, high maintenance, having to restrict to a specific environment, evasion techniques fingerprinting the analysis environment, and a large resource overhead. Instead, we focus on a sophisticated set of lightweight emulation engines that implement adaptive threat analysis and have shown to yield better results at a fraction of cost.
MetaDefender Sandbox is a best-in-class emulation sandbox with a proven track record of detecting highly evasive stage one malware. See showcase reports here: Showcase Reports
