Reliable, Verifiable Data Collection

Trustworthy incident response starts with reliable, verifiable data collection. Volexity’s Surge Collect offers flexible storage options and an intuitive interface that any responder can run to eliminate the issues associated with the corrupt data samples, crashed target computers, and ultimately, unusable data that commonly results from using other tools.

From the moment it runs, Surge Collect offers easy-to-use functionality which responders at any level—junior to senior—need for thorough, reliable memory collection. It provides investigators the flexibility to adapt to any suspected compromise. This way, Surge Collect improves the speed of response, the recovery of valuable artifacts that may only be found in memory, and the flexibility required during modern investigations.

Features & Benefits

  • Perform memory acquisition across Windows, Linux, and macOS.
  • Minimize the impact to suspect systems and enhance memory analysis algorithms.
  • Integrate an easy-to-access interface into time-saving scripts or existing commercial tools.
  • Encrypt and authenticate sensitive data from RAM, user-specified files, and OS state information.
  • Collect data to local drives, network shares, or a cross-platform server component.

Case Study


A federal law enforcement agency realized that they needed to collect valuable investigation artifacts that were only found in memory. Unfortunately, none of the tools they tried to use were able to reliably capture memory and frequently crashed the systems.


By leveraging Surge Collect, the agency was able to equip their agents with the capability they needed to collect the data found in memory. They also found Surge flexible enough to easily integrate into their existing toolsets and processes.


Surge Collect gave the agency both the confidence and capability they needed to reliably collect volatile data that was becoming increasingly critical to their investigations.