Our Team


Our team is comprised of top-notch instructors, authors, and forensics practitioners. We are the actual developers of the software that we teach, and we performed the bulk of the initial research that goes into the courses. In other words, you'll be trained with first hand knowledge and incomparable expertise. 

Andrew is Director of Research at Volexity. He has conducted numerous large-scale investigations across enterprises and industries. Andrew's previous experience includes penetration tests, source code audits, and binary analysis for large corporations and products. Andrew is the co-developer of Registry Decoder, a National Institute of Justice funded forensics application, as well as a core developer of The Volatility Framework. He has delivered trainings in the field of digital forensics to a number of private and public organizations as well as at industry conferences. Andrew's primary research focus is physical memory analysis, and he has published a number of peer-reviewed papers in the field. He has presented his research at conferences including Blackhat, RSA, SOURCE, BSides, OMFW, GFirst, and DFRWS.

Jamie is a leading researcher and developer. In the past, she worked on various R&D projects and forensic cases at Guidance Software, Inc, and later at Verizon Terremark.  Jamie has taught classes in Computer Forensics and Computer Science at Queens College (CUNY) and John Jay College (CUNY). She has a Masters in Forensic Computing from John Jay College and is an avid contributor to the open source Computer Forensics community. She is an active developer on the Volatility Framework.  In her day job, Jamie currently leads hunting engagements across multiple client enterprises.  Jamie has authored peer-reviewed conference publications and presented at conferences (OMFW, CEIC, IEEE ICC, EnFuse, ACSAC, NYBA, HTCIA, CSAW) on the topics of memory, network, and malware forensics analysis.  Jamie is a well respected member of the DFIR community, sits on the board of directors for the Volatility Foundation, and has served on the program committee for such conferences as DFRWS, BSidesNYC and IWCMC Security Conference (among others).

Michael Ligh

Course Instructor


Malware and Memory Forensics

Michael is Chief Technology Officer (CTO) at Volexity. He specializes in reverse engineering, vulnerability research, malware cryptography, and memory forensics. He guides the design of Volexity’s Volcano product line, which facilitates scalable, automated, and collaborative memory analysis in enterprise environments. He is a core developer of The Volatility Framework and Secretary/Treasurer of The Volatility Foundation. In the past, Michael has served as a Senior Security Intelligence Engineer at iDEFENSE and Director of Malware Research. Michael is co-author of Malware Analyst's Cookbook (2010) and The Art of Memory Forensics (Aug 2014). He wrote the original analysis of Zeus, the first publicly available DGA predictor for Conficker, and various decryption utilities for ransomware files and C2 protocols.