Step 1
User
Authenticated or anonymous user submits a URL or uploads a file via the Cyber Console.
Trust
Data flow
How an evidence artefact moves through LegalAudit, from upload to delivered dossier.
Step 2
Edge / CDN
TLS 1.3 termination at the edge; static assets served from Swiss/EU edges; API and SSE never cached.
Step 3
Application
Request authentication, tenant scoping, rate limiting, schema validation. Untrusted content is tagged as such.
Step 4
ClamAV
Every upload is scanned. Detections are quarantined and never reach the AI.
Step 5
Sandbox extraction
Archives, PDFs, and emails are unpacked inside a bubblewrap sandbox with no network and a memory cap.
Step 6
Mythos AI
Extracted text and metadata flow through the Mythos forensic engine under zero-retention contracts. No training on customer content.
Step 7
Dossier renderer
Findings are rendered into a PDF dossier with NIST/ISO methodology citations and chain-of-custody hashes.
Step 8
Storage
Paid dossiers are stored in S3 (eu-central-1) with SSE-KMS encryption. Free dossiers are emitted to the user and not persisted server-side.
Step 9
AWS SES (EU) delivers the dossier-ready notification with a signed download link valid for 7 days.
Informational document published by LegalAudit SA. Statements reflect the current state of controls and are reviewed quarterly. They are not a contractual warranty unless incorporated into a signed agreement. For binding terms request the executed DPA at privacy@legalaudit.ch.