The views expressed in this blog are those of the owner and do not reflect the views or opinions of the owner’s employer. All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. The owner will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of this information. This policy is subject to change at any time. The owner is not an attorney, and nothing posted on this site should be construed as legal advice. Litigation Support Tip of the Night does not provide confirmation that any e-discovery technique or conduct is compliant with legal, regulatory, contractual or ethical requirements.
Featured on the ACEDS blog.
Follow me on Twitter and see How-To Videos on my YouTube channel.
New tips for paralegals and litigation support profesionals are posted to this site each night. Click on the blog headings for better detail.
Relativity's security white paper for RelativityOne, available here, discloses that Relativity uses Recorded Future for intelligence on cyber security threats, and Anomali to distribute this intelligence.
It actively monitors information on the dark web to attempt to detect future threats. Its 30 person team, Calder7, claims to have not had any serious incidents. Malware is examined in sandbox workspaces. Palo Alto Networks is used to monitor network activity, and Relativity keeps tabs on large transfers of data.
Relativity may investigate if a customer's usage of a workspace departs from what its profile would suggest its activity in the workspace should be. Relativity also conducts third party penetration testing. SQL injection is avoided by coding text controls - where data is input.
Relativity is ISO 27001 and SOC 2 certified, and it uses a Microsoft Azure infrastructure that adheres to other standards such as those of FedRAMP and HIPAA. Customers have access to security log information from Relativity.
Relativity utilizes the MITRE ATT&CK knowledge base to keep track of the techniques used by hackers.