Security

All data is encrypted in transit using TLS 1.2 or higher. Data at rest is encrypted using AES-256. Encryption keys are managed by industry-standard cloud key management services.

Litgent Serve uses role-based access controls so each user sees only what they need. Firms control who has access to their data. Multi-factor authentication is available on all plans and required by default for Enterprise.

Litgent Serve is hosted on enterprise-grade cloud infrastructure with built-in physical security, network isolation, and DDoS protection. We use redundant systems across multiple availability zones for reliability.

Your firm data belongs to your firm. We never use client data to train AI models. We never sell data. We minimize data collection to what is necessary to operate the platform.

Every system action is logged and monitored. Anomaly detection alerts our team to suspicious activity. The audit log within Litgent Serve tracks every user and AI action for compliance and bar review.

We carefully vet every third-party service we use. A current list of subprocessors is available on request. All subprocessors are bound by confidentiality and data protection obligations.

We maintain a documented incident response plan. In the unlikely event of a security incident affecting your data, we will notify affected firms promptly in accordance with applicable law.

Security researchers can report vulnerabilities to support@litgent.ai. We appreciate responsible disclosure and respond to all valid reports.