Techniques such as extracting operating parameters, comparing application profiles across VMs (to look for signs that one has been successfully attacked), and analyzing application behavior in memory (as opposed to just code stored on disk) are far easier in a virtual environment and provide a huge advantage for stopping the most sophisticated threats.
FORBES: Best of Times, Worst of Times: Is Virtualization in the Data Center a Problem or an Opportunity?