White Glove Digital Investigations for Law Firms

Advance your legal capabilities as a trusted counselor to your clients with a world-class intelligence and digital investigation partner specialized in white glove investigations, assessments, and due diligence reports.

​​Unmatched Expertise

Differentiate Your Practice

360 VIEW

Achieve a 360 view of critical issues related to practice areas including national security, intellectual property, cybersecurity and data privacy, and white collar investigations under attorney-client privilege.

Nisos delivers the answers you need to identify, stop, and prevent damage to your clients, their brands, and their reputations.



Your Client doesn’t get in trouble for having incidents; they get in trouble for how they respond.

Nisos helps legal practices with tough conversations (whether with boards, law enforcement, or security stakeholders) and enables a better security, intellectual property, regulatory, or defensive stance.

Precision Monitoring

Nisos extracts and enriches surface, deep, and dark web data to develop deeper insights into your clients’ unique threats and digital exposure.

We provide you with tailored reporting that allows you to pursue adversaries and respond to national security government investigations aggressively.

Success Stories

Cybersecurity and Privacy

Nisos investigates security researchers and uncovers an NDA violation for a global technology brand.

read case study >>

Intellectual Property & Fraud

Nisos investigates threat actors behind fake apps impersonating a major gig economy platform

read case study >>

National Security

Nisos uncovers North Korean state actors gaining employment at major tech platform company

read case study >>

“In just a few weeks, your analysts have generated numerous promising leads the FBI, US Marshals and Interpol could not uncover, despite having a three-year head start.”

Top Attorney for the Defense of the Victims
In Pursuit of an International Fugitive

Open Source Experts

A Trusted Partner

Nisos provides an unparalleled digital investigations capability for Cybersecurity & Privacy, IP & Technology, National Security, and White Collar Defense practice groups.

We are trusted partners for law firms and internal counsel, helping to address urgent and critical security concerns, including:

Trade secret theft and IP protection
Thieves often exploit insider knowledge or illicit access to steal trade secrets like source code and customer data. Nisos conducts digital investigations, using various methods including forensics and open-source intelligence, partnering with legal teams under attorney-client privilege. Investigations involve identifying stolen data, conducting forensics on stolen source code, reviewing logs and cloud storage, analyzing techniques used in theft, comparing stolen and new products, corporate and contract OSINT research in native language, and monitoring open and dark web activities related to scraping and unauthorized access.
Brand reputation, election integrity, disinformation and activism
Enterprises often struggle with threats to their brand reputation from disinformation and activism, which can escalate when activists resort to violence that is often coordinated online. Nisos assists security teams by conducting digital investigations and monitoring social media, including closed forums, to identify developing threats such as activist campaigns and brand reputation risks.

Our tools include scalable detection of narratives, attribution of signatures and accounts, controlled purchases for understanding app functionalities, proficiency in over 25 languages, breach data investigation, identification of proxies and technologies used in disinformation/activist campaigns, and monitoring of open and dark web for disinformation advertising and data.

Executive protection
Executives face routine exploitation and brand degradation through methods such as malicious online sentiment, spearphishing emails, and deep fake calls that can sometimes also escalate to physical security concerns. Nisos conducts digital investigations to attribute and contextualize these attacks, utilizing personas, digital sources, and specialized tools to mitigate these threats and restore peace of mind.
Enhanced due diligence for class action breach lawsuits
Security incidents and breaches result in numerous class action lawsuits for enterprises. Often, plaintiffs’ counsel brings forward class members and representatives who do not meet commonality and typicality thresholds. Plaintiffs may also have conflicts of interest or lack standing.

We conduct digital investigations and query robust breach datasets as well as other open source intelligence to determine the extent to which litigants’ information was compromised in prior breaches and can assess how much of their information is available on publicly available data sites. We also determine the monetary value of the data when it was previously sold in open and dark web markets. We can also obtain samples of the breach data and perform social media analysis on class members and representatives to determine how prolifically they share their data or identify any characteristics which demonstrate misalignment to the facts set forth in the complaint. By equipping themselves with dossiers detailing class members conflicts, anomalies, or lack of similarity, litigation and data privacy attorneys are able to more readily dismiss motions to certify classes of data breach litigants and, in some cases, may be able to successfully move for dismissal.

Employee issues and insider threats
Nisos conducts digital investigations with security teams and counsel to address insider threats, often including former employees and third-party vendors. We handle cases involving media leaks, intellectual property theft, data exfiltration, unauthorized access, scraping, and more. We leverage various methods such as open source intelligence for stylometric attributes and context, forensic analysis, reviewing device logs, comparing stolen and new products, corporate research, actor engagement, and controlled purchases under attorney-client privilege.
Enhanced due diligence for third-party risk, M&A, FCPA, CFIUS, and KYC
Enterprises may unknowingly engage with entities posing national security risks, violating U.S. regulations, often triggering inquiries from Congress or national security authorities. Legal firms require extensive due diligence before taking on clients or suppliers. Mergers with companies influenced by hostile nations can prompt CFIUS, KYC, AML, or FCPA investigations. We conduct comprehensive digital investigations, corporate research, and digital human intelligence inquiries to provide context. Our expertise in digital collections and foreign languages helps attribute connections to corrupt regimes, criminal organizations, and allegations of non-compliance, aiding companies in regulatory compliance and threat mitigation.
Adversary use of Artificial Intelligence (AI)
Threat actors are leveraging AI for sophisticated fraud and exploits, posing a growing risk. Our AI-enabled analyst platform uncovers and counters these threats by identifying and exploiting AI weaknesses. We investigate AI-generated content like deep fakes and adversary communications, utilizing an analyst-driven approach. We also engage with threat actors and interact with AI to reveal adversarial intent, distinguishing from human activity.
Bug bounty adjudication and responsible vulnerability disclosure
Security researchers who do not disclose vulnerability research responsibly often trigger incident response-like events for businesses. With Nisos’ extensive breach data, dark web intelligence, and direct engagement with actors, we consistently identify, monitor, and attribute malicious researchers and extortionists to ensure they are not violating terms of their agreements under legitimate bug bounty programs. Our expertise lies in monitoring and connecting various identifiers such as phone numbers, emails, crypto wallets, and social media handles, enabling legal and potential enforcement actions based on our findings. We also monitor closed forum chat rooms where security researchers discuss exploits and vulnerabilities.
Active monitoring and investigations for breaches, data leaks, and ransomware
When e-crime or nation-state breaches occur, Nisos conducts monitoring, forensics, and digital investigations across the web and engages with threat actors to bring clarity on compromises in order for the proper disclosures to be made to regulators and congressional investigations. Clients seek assistance to determine the extent of breaches, authenticate stolen data, obtain evidence, gather intelligence on threat actors, and conduct risk assessments on damages resulting from security incidents and breaches. Nisos addresses these concerns, facilitating regulatory compliance and restoring business operations.
Illicit trade and counterfeit investigations
Nisos aids counsel in attributing organized rings involved in illegal distribution of enterprise technology and goods, using open source and dark web collections. They engage with counterfeit organizers to identify key players, consumer impact, and supply chain vulnerabilities. Our findings support legal actions through investigation of ecosystems, forensic analysis of illicit trade infrastructure, actor engagement, controlled purchases, comparison of counterfeit or stolen products, corporate research in native language, and cross-references to public and commercially available information in online marketplaces.
Expert witness testimony
In our digital investigations, we consistently deliver independent expert analysis, testimony, and advice spanning all areas of cyber and digital threats including nation state activity and protection of intellectual property. Our experts offer objective and reliable analysis to assist businesses, investors, and legal advisors in establishing fact patterns, evaluating value, assessing damages, and resolving critical questions.
Fraud and scams
Fraud and scams plague enterprises, spanning technology, goods, and services. Our digital investigations delve into every layer of ecosystems to uncover data, techniques, technologies, and actors behind fraudulent activities. We scrutinize device and cloud storage logs linked to fraud, conduct controlled purchases to understand illicit functionalities, attribute fraudsters to their identities and business entities, conduct social media analysis, compare functionalities of suspicious products, and analyze open source data for contextual clues. If needed, we perform forensic analysis to attribute identifiers to known entities which often include former employees and vendors.
Attribution of e-crime, ransomware, and nation state actors
Many believe that e-crime and nation-state cyber actors operate beyond the reach of businesses and the law, but this is not the case. With Nisos’ extensive breach data, dark web intelligence, and direct engagement with threat actors, we consistently identify and attribute cyber criminals and state adversaries. Our expertise lies in connecting various identifiers such as phone numbers, emails, crypto wallets, and social media handles, enabling counsel to more effectively devise strategies spanning from legal, regulatory and law enforcement actions, to take-downs and proactive brand protection.
Platform abuse
Companies whose products serve as collaboration platforms play a key role in our increasingly cloud native and remote work environment. The technology allows companies to achieve clear business opportunities, but also cause unique security challenges. Not only must they protect their corporate and development systems like all enterprises (endpoints, network infrastructure, container and VM security, etc), they also need to protect customers’ data on their platforms. Performing digital investigations, Nisos conducts closed forum group monitoring, open source monitoring and analysis, forensics, controlled purchases, app reverse engineering, and external telemetry analysis to counter various types of platform abuse.
Our Approach

Empowering Counsel with Customized Investigations

Open Source Intelligence Research

In addition to global coverage of surface, deep, and dark web sources, Nisos’ proprietary platform allows Nisos analysts to harness the power of AI effectively to glean insights that other data feeds and data collectors will miss. Nisos custom analysis harnesses intelligence-community insights and tradecraft to fluidly interact with open and closed-source social media platforms to legally obtain and parse data breach and personally identifiable information (PII) datasets.

Adversary Attribution

Nisos analysts have a deep understanding of the methods and motives of adversaries. By identifying lapses in operational security, Nisos connects digital threats and ties online personas to the real world, unmasking the ‘who’ and ‘why’ behind threats to your Clients.

Digital Threat Actor Engagement

Following legal guidelines, Nisos anonymously engages in native language interactions on social media and open and closed forums, including controlled purchases. This process provides unique insights for our clients and allows the Nisos team to perform appropriate analysis without requiring an “on the ground” private investigative capability.

Technical Signature Analysis

Nisos’ adversarial-minded approach to investigation includes analysis of raw technical data, including off-network connection (pDNS/mobile data) and context for on-network telemetry (application and EDR logs).

Forensic Investigations

Nisos forensic investigations and network analysis bring “outside-in” context to internal telemetry, including analysis of emails, malware reverse engineering, traffic analysis (PCAP, EDR, application logs), and phone and computer imaging.

People, Process, and Technology

Transform Your Legal Practice with Nisos


Investigate digital threats with confidence

Access Nisos analysts directly with oversight from Nisos’ top advisors who boast over a decade of high-stakes intelligence and investigation experience stemming from the intelligence community at large.



Stay in lockstep with adversaries by measuring exposure and emerging risks

Analyst-led monitoring and critical threat alerting will address your Client’s unique needs, supplying specific responses and tailored risk-reduction recommendations, allowing you to drive your reputation as a trust advisor to in-house counsel and company leadership.



See through the eyes of an adversary

Nisos’ intelligence platform ingests 30+ licensed, curated, and proprietary intel feeds and collection tools and contains 20B+ database records from breach compilations and dark web forums. This data is carefully and closely reviewed by analysts to provide tailored and structured assessments designed to transfer risk away from your clients.



Meet the Team

Jennifer DeTrani

General Counsel

Jennifer DeTrani is General Counsel, SVP Legal, and Corporate Secretary. Prior to Nisos, she co-founded a secure messaging company, Wickr, ran a solo law practice, practiced corporate law in BigLaw and served as a federal prosecutor at the Department of Justice.


Headshot of Landon Winkelvoss from Nisos

Landon Winkelvoss

Co-Founder and VP of Legal and Intelligence Advisory

Landon Winkelvoss co-founded Nisos in 2015 and serves as its VP of Legal and Intelligence Advisory. He leads Nisos legal go-to-market where his team is directly involved in sales, demand generation marketing efforts, law firm partnership acquisition, product management, and project sales conversion to annual recurring revenue.


Speak to our expert team