Uncompromising data security

Your data’s security is our top priority—and embedded into all our processes, which 
we work continually to keep improving.

Why do the world's leading firms trust their data to CoCounsel?

chart-network

Stringent policies

Our security program includes the governance and technical controls to ensure the platform, data, 
and code are secure and monitored. Security policies align to NIST 800-53 Moderate and NIST Cybersecurity Framework (CSF). We maintain a mapping of our controls onto ISO 27001 and 
SOC 2 standards. Casetext has obtained its SOC2 Type 2 attestation.
shield-check

Encrypted data

All data are encrypted in transit and at rest in CoCounsel systems. We secure all data in transit via TLS 1.2+. Systems are configured to require the TLS protocol, meeting industry standards for externally facing systems. Symmetric encryption (AES-256) is used to protect data at rest, ensuring data is viewable only by authorized users.

Independent auditing

We have partnered with sophisticated, independent external security resources to ensure we properly execute our security program. Regular vulnerability assessments and penetration tests—and review of our policies, vendor management, and risk management programs—are critical to our infosec program.

CoCounsel application security

circle check icon
All user access is protected by industry standard, role-based authentication
circle check icon
Perimeter firewalls block unauthorized ports and protocols
circle check icon
Customer instances and data 
are logically separated
circle check icon
All access to data sources, queries, and results is logged and audited
circle check icon
All code is thoroughly reviewed 
and tested before deployment 
to production
circle check icon
Data source credentials are 
encrypted and stored in a secure secrets manager
circle check icon
Single Sign On is available and integrates with your secure identity provider
circle check icon
Network vulnerability scans are performed monthly
circle check icon
Third-party penetration testing is performed annually

Keeping data private and secure in CoCounsel

Powered by leading LLMs

CoCounsel is built on the most powerful large language models (LLMs) available, on a foundation of partnership with LLM providers. The result? A GenAI assistant that offers all the benefits of today's AI, with the guardrails to make it suitable—reliable and secure—for use by legal professionals.

Trained for the law

LLMs are powerful, but legal professionals need more. Our attorneys and AI specialists spent months developing and repeatedly testing an LLM-powered solution tailored to lawyers’ needs and reliable and secure enough to meet the highest bar.

Private and secure

CoCounsel uses dedicated servers to access the underlying LLMs, meaning your data isn’t sent to “train” the model as part of publicly accessible knowledge. Your and your clients’ information stays private and is secured by bank-grade AES-256 encryption.

The experts in legal AI

  • CoCounsel is a cloud-based application. All data is stored in our Google Cloud environment. Data stores and services are hosted in US-West regions. We have additional servers for customer data in the UK, Canada, and Australia.

  • The user-facing web application is served from a Heroku Private Space in the US-West region.

AI built for lawyers

  • All data are encrypted in transit and at rest in
our systems.

  • We secure all data in transit via TLS 1.2+. Systems are configured to require the TLS protocol, meeting industry standards for externally facing systems. An up-to-date assessment of our TLS configurations is available at SSL Labs SSL Test.

  • Symmetric encryption (AES-256) is used to protect
data at rest. This ensures data is only viewable by authorized users.

Dedicated technologists

  • We have partnered with sophisticated, independent
external security resources to ensure we properly execute
our security program.

  • We treat consistent monitoring of our platform through regular vulnerability assessments and penetration tests, along with review of our policies, vendor management, and risk management programs, as critical for our information security program.

  • We rely on our relationships with security, compliance,
and governance partners to ensure our practices are held to
the highest standards.

Learn more about our security program

Our additional security programs

We require annual security training for all employees, including review of and attestation to our Information Security & Privacy Policies. Our annual secure developer training is based on OWASP Top 10.
Our asset management policies require tracking and inventory of all hardware. Antivirus and mobile device management is installed on all laptops. Auto-updates and hard drive encryption are enforced.
Our identity and access management program ensures data is only available to appropriate parties. Employees are granted platform access for administration purposes only, and such access is fully monitored and regularly audited.
We maintain a robust vendor management program and require vetting of all third-party software and contractors.
Our Incident Response Plan and Business Continuity/Disaster Recovery Plan are reviewed and tested annually.

Want to learn more?

One of our representatives would be happy to share a thorough overview of our privacy and security program.

Put CoCounsel to work for you

Sign up today to be among the first to try the power of CoCounsel.

Draft Correspondence

Rapidly draft common legal letters and emails.

How this skill works

  • Specify the recipient, topic, and tone of the correspondence you want.

  • CoCounsel will produce a draft.

  • Chat back and forth with CoCounsel to edit the draft.

Review Documents

Get answers to your research questions, with explanations and supporting sources.

How this skill works

  • Enter a question or issue, along with relevant facts such as jurisdiction, area of law, etc.

  • CoCounsel will retrieve relevant legal resources and provide an answer with explanation and supporting sources.

  • Behind the scenes, Conduct Research generates multiple queries using keyword search, terms and connectors, boolean, and Parallel Search to identify the on-point case law, statutes, and regulations, reads and analyzes the search results, and outputs a summary of its findings (i.e. an answer to the question), along with the supporting sources and applicable excerpts.

Legal Research Memo

Get answers to your research questions, with explanations and supporting sources.

How this skill works

  • Enter a question or issue, along with relevant facts such as jurisdiction, area of law, etc.

  • CoCounsel will retrieve relevant legal resources and provide an answer with explanation and supporting sources.

  • Behind the scenes, Conduct Research generates multiple queries using keyword search, terms and connectors, boolean, and Parallel Search to identify the on-point case law, statutes, and regulations, reads and analyzes the search results, and outputs a summary of its findings (i.e. an answer to the question), along with the supporting sources and applicable excerpts.

Prepare for a Deposition

Get a thorough deposition outline in no time, just by describing the deponent and what’s at issue.

How this skill works

  • Describe the deponent and what’s at issue in the case, and CoCounsel identifies multiple highly relevant topics to address in the deposition and drafts questions for each topic.

  • Refine topics by including specific areas of interest and get a thorough deposition outline.

Extract Contract Data

Ask questions of contracts that are analyzed in a line-by-line review

How this skill works

  • Allows the user to upload a set of contracts and a set of questions

  • This skill will provide an answer to those questions for each contract, or, if the question is not relevant to the contract, provide that information as well

  • Upload up to 10 contracts at once

  • Ask up to 10 questions of each contract

  • Relevant results will hyperlink to identified passages in the corresponding contract

Contract Policy Compliance

Get a list of all parts of a set of contracts that don’t comply with a set of policies.

How this skill works

  • Upload a set of contracts and then describe a policy or set of policies that the contracts should comply with, e.g. "contracts must contain a right to injunctive relief, not merely the right to seek injunctive relief."

  • CoCounsel will review your contracts and identify any contractual clauses relevant to the policy or policies you specified.

  • If there is any conflict between a contractual clause and a policy you described, CoCounsel will recommend a revised clause that complies with the relevant policy. It will also identify the risks presented by a clause that does not conform to the policy you described.

Summarize

Get an overview of any document in straightforward, everyday language.

How this skill works

  • Upload a document–e.g. a legal memorandum, judicial opinion, or contract.

  • CoCounsel will summarize the document using everyday terminology.

Search a Database

Find all instances of relevant information in a database of documents.

How this skill works

  • Select a database and describe what you're looking for in detail, such as templates and precedents to use as a starting point for drafting documents, or specific clauses and provisions you'd like to include in new documents you're working on.

  • CoCounsel identifies and delivers every instance of what you're searching for, citing sources in the database for each instance.

  • Behind the scenes, CoCounsel generates multiple queries using keyword search, terms and connectors, boolean, and Parallel Search to identifiy the on-point passages from every document in the database, reads and analyzes the search results, and outputs a summary of its findings (i.e. an answer to the question), citing applicable excerpts in specific documents.

Skills

UNIVERSAL
Search a Database

Find all instances of relevant information in a database of documents.

Summarize

Get an overview of any document in straightforward, everyday language.

Draft Correspondence

Rapidly draft common legal letters and emails.

TRANSACTIONAL
Contract Policy Compliance

Get a list of all parts of a set of contracts that don’t comply with a set of policies.

Extract Contract Data

Ask questions of contracts that are analyzed in a line-by-line review

Prepare for a Deposition

Get a thorough deposition outline by describing the deponent and what’s at issue.

LITIGATION
Legal Research Memo

Get answers to your research questions, with explanations and supporting sources.

Review Documents

Get comprehensive answers to your questions about a set of documents.