How Volexity Was Formed
Volexity was founded on the belief that the future of cybersecurity will depend on the industry’s ability to master the data found in volatile memory. This mastery includes building tools that provide unprecedented visibility into the state of systems, the context required to disposition the overwhelming onslaught of false positives, and confidence that systems are functioning as intended. It also means leveraging memory analysis to dramatically improve the way organizations perform cybersecurity services, including hunting, incident response, and malware analysis. Memory analysis is a disruptive capability that helps organizations move beyond the assumptions and limitations built into traditional cybersecurity products and services.
Until 2006, the cybersecurity industry focused almost exclusively on data found within file systems or crossing the network. The increased prevalence of encryption, cloud-based services, and memory resident malware has reduced the effectiveness of these traditional capabilities. At the same time, our team of researchers made a critical observation: that all security-relevant data, regardless of whether it originates from a file system or the network, must be loaded into volatile memory (RAM) in order for the system to process it. To validate this observation, we created the first open source memory analysis framework, Volatility. Volatility has since become the most widely used memory forensics framework with a loyal, worldwide user base. Research built on top of Volatility has appeared at top academic conferences and the framework has been used on some of the most critical investigations of the past decade. Our team has also written the seminal books on memory analysis and trained hundreds of people.
During this time, the Volexity team also demonstrated that by combining our cutting-edge research with advanced threat intelligence capabilities we were able to dramatically change the way traditional security services were performed. The team preserved business operations of healthcare and financial bodies, thwarted attackers targeting free speech and human rights organizations, and minimized corporate espionage attempts in industries like biopharmaceuticals, aviation, and telecommunications. The Volexity team also prevented breaches from destabilizing key political, educational, and media institutions, and minimized undue reputational damage to political campaigns and celebrities. Finally, Volexity’s services helped protect the corporate infrastructure for many prominent cybersecurity vendors.
By combining a pioneering development team with some of the best threat intelligence talent in the industry, Volexity is in the unique position to finally bring advanced memory analysis products and services to the broader market. We knew this would require a different type of company that was willing to look at cybersecurity from an entirely new perspective and embrace volatility as a means of addressing cybersecurity’s growing complexity. As a result, we formed Volexity.