About us

Additional Information

Our computer forensics team is experienced in all phases of civil litigation.   We have worked hundreds of cases which include computer forensics expert witness testimony regarding the theft of trade secrets, fraud, trademark infringement, and other civil litigation matters.

Many cases begin with an analysis of a company's own devices and data.   The matter may involve analysis of the devices used by former employees to determine if they left with proprietary data.  A forensic review of mobile devices, user laptops and, along with servers and other sources of data may show the transfer of company data to personal accounts or other means of misappropriating data.

In many cases preserving, filtering and producing data to meet discovery obligations are our initial tasks.  We are often asked to review selected data sources for evidence that is most relevant to issues in civil litigation.  This may involve confirming the provenance of certain documents or data.  Our forensic analysis may also focus on rebutting an opposing expert's opinions. 

The forensic analysis may lead to the crafting of an expert report or declaration.   Our experts may later provide expert witness testimony at deposition or trial.  Our computer forensics experts are experienced in all phases of computer forensics supporting potential or actual civil litigation cases.

Peter Garza - Experienced computer forensics consultant.

Peter Garza - Experienced computer forensics consultant.

Notable Engagements

Computer forensics and eDiscovery will most often begin with an accurate collection of data.

Plaintiffs in Theft of IP Litigation


US Consumer Goods Company 

The lead designer along with a number of employees on his design team with an international manufacturer of consumer goods leave and take the initial design work for a new product to a competitor. The product was developed by the competitor based on the stolen design and was wildly popular with consumers. Preservation and review of a large number of user workstation computers, mobile devices, server storage, thousands of pieces of backup media and other enterprise data was accomplished. Our experienced computer forensics team performed forensic analysis to document the theft of design data and prepared extracted data for eDiscovery review by the legal team. 

Our approach: Enterprise environments require an effective team that integrates law firm, client IT and consultant resources. Experience in technical interviews, identifying all potentially discoverable data, preparing data map reports or simply preserving the right data are keys to a successful cost-effective approach to exploiting ESI in larger matters.


Network Compromise vs. Data Breach

   Health Care Software Company

A medium-sized software company specializing in software used to store medical records called for assistance in investigating a potential compromise of a web server. The web server was configured with an application development software platform which had a known vulnerability. The company quickly discovered the intrusion and requested our assistance. Our analysis focused on whether the intruders had merely obtained access to plant malware on the server or had they returned and stolen protected data. 

Our approach:  Our forensic analysis confirmed the intruders successfully picked the lock, so to speak, but had not yet returned and stolen data.  Forensic analysis confirmed the server had been vulnerable to a known and wide-spread attack . Our forensic analysis was successful in showing the compromised web server was likely a part of a large-scale scan by an unknown threat actor who had not yet returned to escalate the successful, but limited intrusion. Working with outside counsel, our experts assisted with briefing a state DOJ and avoided sanctions.


Defendants in IP Theft Case

Chemical Processing Company

Engineers employed by a chemical processing company resigned and started a competing firm. Although the new company used different equipment, for which the plaintiff's code would not work, the departing employees were accused of stealing data. The Plaintiff's expert made mistakes in his analysis and incorrectly claimed a copy of source code was made a month prior to leaving with the intent of stealing data.

Our forensic analysis showed that not only had the authorizedcopy of the laptop was made more than a year prior, data artifacts confirmed authorized work-from-home use by the employee. Proper interpretation of the data on the laptop showed the opposing expert was wrong. Our law firm client obtained a verdict for the defense.

Our approach:  Accurate interpretation of computer forensic data to counter an overzealous forensics expert who make the mistake of advocating for a client, rather than limiting their opinions to what the data can support.