About

Our Story

Volexity was founded on the belief that the future of cybersecurity will depend on the industry’s ability to master the data found in volatile memory. This mastery includes building tools that provide unprecedented visibility into the state of systems, the context required to disposition the overwhelming onslaught of false positives, and confidence that systems are functioning as intended. It also means leveraging memory analysis to dramatically improve the way organizations perform cybersecurity services, including hunting, incident response, and malware analysis. Memory analysis is a disruptive capability that helps organizations move beyond the assumptions and limitations built into traditional cybersecurity products and services.

Our Team

Volexity is a Washington, D.C.-based cyber security firm with a global reach. It is led by some of the most respected subject matter experts in the commercial, open source, government, and defense industries, who have pioneered the field of memory forensics (i.e., Volatility), written best-selling security books, and developed groundbreaking tools and technology.

AAron Walters
CEO

AAron has a proven track record of building and growing successful companies. Creator of the open-source Volatility Framework and President of the Volatility Foundation, he co-authored the best-selling book The Art of Memory Forensics.

Steven Adair
President

Having led Cyber Intelligence at Verizon Terremark and the NASA CIO Cyber Threat Analysis Program, Steven has investigated cyber espionage groups, tracked emerging and advanced threats, and co-authored the book Malware Analyst’s Cookbook.

Michael Hale Ligh
CTO

Michael is a Volatility Framework developer, Windows Malware and Memory Forensics instructor, and Secretary / Treasurer of The Volatility Foundation. Michael is lead author of Malware Analyst’s Cookbook & The Art of Memory Forensics.

Dr. Nick Petroni
Chief Scientist

Nick’s pioneering academic research, at the University of Maryland, laid the groundwork for modern memory analysis. He was also one of the original developers of Volatility and a technical editor for The Art of Memory Forensics.

Sean Koessel
VP, Professional Services

Sean brings 10+ years of experience in detecting and combating highly targeted threats. While leading incident response services at Verizon Terremark, Sean protected critical Internet infrastructure and led numerous high profile investigations.

Andrew Case
Director, Research

A well-known security thought leader, Andrew co-developed the NIJ-funded Registry Decoder forensics application and is a core developer of The Volatility Framework. He has published peer-reviewed papers and presented at conferences worldwide.

Anthony Colatrella
Director, Engineering

Anthony specializes in OS development with a focus on security and networking. While working at the National Security Agency, he received numerous commendations and awards for technical expertise and leadership during his 15 years of service.

Michael Stone
Director, Security Architecture

Michael has more than 15 years of experience in network security monitoring, computer forensics, and incident response. He has developed software for security data acquisition and analysis, and contributes to many open source software projects.

Paul Brown
Senior Director, Sales & Revenue

Paul has more than 20 years of experience helping technology- and innovation-driven companies to develop their sales and customer care teams, as well as their go-to-market strategies, to increase year-over-year revenue on a global basis.

Our Contributions

The highly skilled, proven Volexity team has a decade-long history of successfully helping both public and private sector organizations worldwide to deal with myriad modern information security challenges. Our collective experience has enabled our team to deliver the highest caliber lectures, publications, and training in incident response, malware analysis, reverse engineering, network hunting, digital forensics, and investigating cyber espionage. These contributions include:

The Volatility Framework

The Volatility Framework

Introduced in 2007, Volatility provides a cross-platform, modular, and extensible framework designed not only to analyze the runtime state of a system using the data found in volatile storage (RAM), but also to encourage further work into this exciting area of research, leveraging collaboration, innovation, and accessibility to common knowledge.

Publications

A computer forensics “how-to” for fighting malicious code and analyzing incidents, Malware Analyst’s Cookbook offers “recipes” that present both the ingredients and the steps you take to resolve a specific problem or research a given threat. Written by well-known malware experts, this practical guide reveals solutions to numerous problems posed by viruses, Trojan horses, worms, spyware, rootkits, adware, and other invasive software. It includes a DVD of supporting files and original custom programs and tools that illustrate the concepts, enhancing readers’ skills as IT security administrators, incident responders, forensic analysts, and malware researchers.

As a follow-up to Malware Analyst’s Cookbook, The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory is based on a 5-day training course presented to hundreds of students. The Art of Memory Forensics explains the latest technological innovations in digital forensics, and is the only book on the market that focuses exclusively on memory forensics and how to deploy its techniques in a forensically sound manner. Beginning with introductory concepts and moving toward the advanced, the book covers proper investigative steps for detecting stealth malware and advanced threats and how to use free, open source tools for conducting thorough memory forensics.

Join the Team

Working with our elite development or services teams, you’ll protect organizations worldwide from the most advanced cyber threats.

Partnering with Us

Extend your organization’s defensive capabilities. Volexity offers thorough, agile incident response and suppression; customized, interactive threat intelligence with advanced analytics; and protection for your most important data assets through proactive threat assessment and comprehensive network monitoring.