Software Products

Law and Forensics products, assessments, and frameworks are proven to assist clients in solving complex eDiscovery, cybersecurity, and forensic issues. Our proven assessments and frameworks are used by companies big and small all over the globe to address a wide range of cybersecurity, privacy, eDiscovery, and forensics topics. Forensic Scan enterprise solution radically reduces the time-to-discovery and identification of malware, viruses, rootkits, and trojans using our patented solution in a white glove forensic lab, onsite, or the cloud.

Forensic Scan ®

Forensic Scan ® is a patented next-generation malware detection and identification software platform, that runs multiple malware detection engines simultaneously, allowing it to detect and identify malicious threats more than 50 times faster than any solution in the marketplace today. Forensic Scan not only identifies threats and infected devices but also provides security teams with an understanding of the extent of the compromise as fast as possible, making it an invaluable tool.

Chain of Custody for Blockchain

Chain of Custody for Block Chain provides investigators, police officers, lawyers, and law members of law enforcement a solution that greatly reduces the paperwork that is often associated with collecting evidence. This solution provides users with an automated process for creating and storing information in a tamper-evident digital format that can be independently verified for little to no cost. The solution assist lawyers and investigators complete and transfer sensitive information while offering a global and immutable chain-of-custody registry system. The solution uses blockchain to make creating, issuing, and transferring chain-of-custody paperwork seamless and instantaneous.

Enterprise Cybersecurity Tabletop Cloud Solution

Today organizations are being asked to perform cybersecurity tabletops to assist a company prepare for the unknown. This enterprise solution allows companies to create, execute, track, and facilitate security tabletop exercises. This unique solution allows enterprises to build tabletops that account for legal, regulatory, audit, business, privacy, technology, and insurance requirements and create scenarios that are based on the participants’ role or skill level. This enterprise solution also allows different stakeholders to collect valuable lessons learned, make recommendations to improve your cybersecurity posture based on data, and document/track any risk and/or issues to the cybersecurity program.


Law and Forensics has created several types of assessments to assist organizations address eDiscovery, forensics, and cybersecurity issues; our assessments offer an organization a strategic tool that independently evaluates the extent to which it meets regulatory, business, or statutory requirements using an integrated team of subject matter experts, lawyers, technologists, auditors, and analysts.

HIPAA Healthcare Privacy and Security

  • Work with healthcare organizations, covered entity or business associate that create, receive, maintain, or transmit protected health information (PHI) to assess compliance with HIPAA Rules.
  • Conduct a HIPAA risk assessment in order to comply with the HIPAA Privacy and/or HIPAA Security Rule.
  • Collaborate with an organization’s internal IT, compliance, and legal stakeholders to review existing controls, policies, procedures, test security and privacy controls, and interview staff.
  • Perform independent risk assessments of a healthcare organization’s security and compliance posture against the safeguards specified in the HIPAA Security and Privacy Rule and assisting companies to address gaps identified.

Chemical Facility Anti-Terrorism Standards Assessments and Solutions

  • Evaluate an organizations’ existing security posture against the CFATS Risk-Based Performance Standards (RBPS).
  • Work with clients to remediate any deficiencies that need to be remedied including creating and/or modifying Incident Response measures and protocols, implementing cyber security measures, creating necessary policies, and etc.
  • Assess clients that are in possession chemical substances recognized by the US Department of Homeland Security (DHS) as Chemicals of Interest (COI) and provide the following services: Top Screen survey, Security Vulnerability Assessment (SVA), Site Security Plan (SSP) and Alternative Security Plan (ASP).

New York Department Financial Services Assessments

  • Working with organizations to develop, review, and implement a cybersecurity program that complies with New York Department Financial Services’ cybersecurity requirements.
  • Create security frameworks that comply with the NYS-DFS requirements and numerous other state and federal cybersecurity regulations using the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework (CSF).
  • Craft written policies and procedures, developing a compliant cybersecurity training program, and review an organization’s IT cybersecurity posture (e.g., Multi-factor authentication, monitoring and testing, and etc.).
  • Perform risk assessments to assess the level of compliance  NY-DFS statute and create, review, or update a companies existing incident response plan to comply with NY-DFS.

Business-driven Cybersecurity Assessments (FAIR, and etc.)

  • Working with Executive Leadership and organizational policy creators such as Audit, Legal and corporate IT departments to validate and verify that internal controls and SOPs align with corporate goals, strategies, and policies.
  • Review and establish policies, SOPs, and work instructions to mitigate gaps in internal compliance and ensure effective execution and enforcement of corporate policies.
  • Independently assess an organization’s alignment with the cybersecurity requirements defined by various regulators including those set-out in the FFIEC Information Technology (IT) Examination Handbook.

FFIEC Cybersecurity Assessment

  • Independently assessing an organization’s alignment with the cybersecurity requirements defined by various regulators including those set-out in the FFIEC Information Technology (IT) Examination Handbook.
  • Review global financial institution data governance program and identify any gaps with Federal Financial Institutions Examination Council (FFIEC) cybersecurity assessment tool.
  • Efforts included: working with senior technology and audit/compliance stakeholders to review cybersecurity controls and program alignment, assessing cybersecurity controls against FFIEC program requirements, documenting any gaps identified in the course of engagement, creating and executing a project plan to remediate issues identified during the course of the engagement.

California Consumer Privacy Act (CCPA) Assessment

  • Working with clients to perform an assessment leveraging our proprietary privacy assessment tool that ascertains an organization’s privacy posture against the CCPA, delivering a roadmap on to comply, and a framework to ensure going forward compliance.
  • Perform a review of all existing systems and create a robust and appropriate data map for these systems in a fashion that allows the company to support and maintain the data map without requiring any additional licenses fees or agreements.
  • Analyze existing data map, controls, policies, and related materials to identify gaps that an organization must address to demonstrate CCPA compliance
  • Collaborate with compliance, legal, and business stakeholders to perform a review of the current privacy program, specific to CCPA, and create and execute a program that will raise awareness and engagement across the company regarding CCPA requirements.

Vendor Cybersecurity Assessment

  • We work with IT, Audit and Legal departments to vet third-party vendor’s data security – from assessing the technical aspects of the service to reviewing policies and measures taken by the vendor to ensure that your data is kept safe and sound.
  • Assess the technical aspects of the service to review policies and measures taken by the vendor to ensure that your data is kept safe and sound.
  • Create cybersecurity third-party vendor risk programs for large and small companies using proprietary controls and processes and off-the-shelf software in-line with our customer’s budget.


Law & Forensics’ playbooks provides the necessary policies, procedures, checklists, and SOPs to establish, or improve, an in-house program. It integrates legal, business, and technology best practices into a single guide that in house legal, business, and technical stakeholder can use in connection with a dispute or investigation.

eDiscovery Playbook

eDiscovery Playbook offers organizations looking to establish or strengthen their existing eDiscovery program with the necessary frameworks and strategies needed to build a robust eDiscovery program. It integrates legal, business, and technology best practices into a single, actionable guide that empowers clients to manage eDiscovery, lowers eDiscovery costs, gets faster and deeper clarity regarding eDiscovery issues, responds to litigation requests, and reduces overall eDiscovery liability.

Cybersecurity Playbook

Cybersecurity Playbook offers organizations that are looking to establish or strengthen their cybersecurity program with the appropriate and necessary frameworks, controls, and policies. It integrates legal, business, industry, and technology best practices into a single, actionable guide. The playbook is proven to assist organizations prevent incidents, get faster and deeper clarity concerning ongoing breaches, respond to regulatory and litigation matters, and streamline complex incident response processes that do not work.

Forensics Playbooks

The Computer Forensics Playbook provides organizations with the necessary policies, protocols, SOPs, and frameworks needed to establish an in-house forensics solution that accounts for the unique structure and circumstances of each organization. It integrates the best legal, business, and technology practices in relation.