Texas, USA·By appointment·DPS license #A31200301
Home/Scenarios
Scenarios · field guide

When the right call is a digital-forensics call.

A working guide to the situations a Texas digital-forensics examiner actually handles, twelve for individuals and families, twelve for small businesses. Each entry is the situation, how the lab approaches it, and what you get back at the end.

Field guide
24 scenarios · last updated May 2026
Coverage
Texas · remote & on-site
First call
Free · 30 minutes
Confidential by default
NDA on request

Below are twenty-four of the situations that most often call for a digital-forensics examiner in Texas, written as a field guide for the person living with the problem, not the examiner solving it. If your situation doesn't fit cleanly into one of these, it probably overlaps several. Start a 30-minute scoping call and we'll tell you whether forensics is the right answer at all.

Licensed
Texas DPS #A31200301
Certified
GIAC · OSCP · OSEP examiners
Confidential
NDA on request
Statewide
Remote and on-site across Texas

Section 01 · For individuals & familiesWhen something feels wrong with a device that belongs to you.

These twelve scenarios cover most calls a Texas digital-forensics lab takes from individuals and families: spyware on a partner's phone, family-court evidence, account compromise, estate access, child safety, scam recovery, and the quiet recovery work that doesn't make headlines. Every engagement starts with a free 30-minute call, no obligation.

“I think my partner installed spyware on my phone.”

Stalkerware, hidden monitoring apps, and tracking software on a phone or laptop, found, named, and documented in a report you can act on.

The situation

Battery draining faster than it should. Texts your partner already seems to know about. Apps you don't remember installing. Stalkerware is more common than people realise, commercial products like mSpy, FlexiSpy, Cocospy, and dozens of others can be installed in under five minutes if someone has your phone unlocked once.

How the lab helps

We perform an anti-stalkerware sweep on the device. Where supported, that's a full file-system extraction; otherwise, a careful artifact-by-artifact review of installed apps, profiles, accessibility services, certificates, and background processes. We use MVT, iVerify, and our own tooling to detect known stalkerware families and the suspicious behaviour patterns that point to custom monitoring.

From the lab. Stalkerware is designed to remain hidden - let us assist you.

What you get back

Time
A 24–72 hour examination instead of months of doubt.
Money
Avoids the cost of replacing devices you don't yet know are compromised.
Peace of mind
Either a clean device, or a documented finding you can use to protect yourself.

“I think my partner is hiding things on the family computer.”

Discreet forensic review of a shared computer or phone you legally own, recovering deleted messages, browser history, and hidden accounts.

The situation

Sudden privacy lock on a device that used to be shared. A second browser profile. Messages disappearing before you can read them. People feel something is off long before they have anything they can point to, and most of what they think is hidden actually leaves a trail.

How the lab helps

If the device is jointly owned or legally yours, we image it and reconstruct activity: deleted messages, browser history (including private/incognito artifacts), cloud-sync logs, login patterns, second accounts, dating-app traces, and anti-forensic tools used to erase. The report is written in plain English with a technical appendix you can hand to an attorney.

From the lab. We only examine devices the client legally owns or controls. Anything else is outside the engagement.

What you get back

Time
A clear answer in days, not months of low-grade dread.
Money
A documented finding before you spend on a divorce attorney with nothing to show them.
Peace of mind
You stop wondering. You know what is, or isn't, on the device.

“I forgot the password to my own encrypted drive.”

Owner-authorised password recovery on encrypted volumes, archives, office documents, and accounting files, using a GPU cluster.

The situation

BitLocker, FileVault, VeraCrypt, an old encrypted backup, a ZIP file with tax records, a QuickBooks file the previous bookkeeper locked. The data is yours. You just can't get to it.

How the lab helps

On owner-verified assets, we run GPU-accelerated recovery against dictionary, mask, and hybrid rules, informed by what you can remember about your own patterns. Most reasonable passwords fall in 24–96 hours. If the algorithm makes it impractical, we say so quickly so you're not paying for time we know won't deliver.

From the lab. Recovery is performed only on assets the client legally owns. Authorization in writing, every time.

What you get back

Time
Most recoveries land inside a long weekend.
Money
Recovers data worth far more than the engagement, tax records, accounting files, archives.
Peace of mind
Your files come back to you, not the cloud, not a third party.

“A loved one passed and we can't get into their accounts.”

Estate and probate digital forensics, lawful access to a deceased family member's devices, photos, accounts, and financial records.

The situation

A parent or spouse has passed. Their phone is locked. Their photos are on a laptop you don't have the password to. Their accounting software, password manager, and email account hold information the family or executor genuinely needs, and the consumer-grade tech-support channels won't help without paperwork they don't even tell you exists.

How the lab helps

Working from letters testamentary (or with the surviving spouse where appropriate), we perform a forensic extraction of the device, recover stored credentials where possible, and produce a navigable archive of photos, documents, and contacts. For financial records we coordinate with the estate attorney to make sure everything stays inside probate.

From the lab. We work with your probate attorney from the first call.

What you get back

Time
Weeks faster than the platform-by-platform support channels.
Money
Avoids losing financial accounts, subscriptions, and assets to dormancy.
Peace of mind
Family photos and memories preserved, not lost behind a lock screen.

“I'm worried about what's on my child's phone.”

Plain-English examination of a minor child's device, hidden apps, disguised vaults, predator contact patterns, sextortion indicators.

The situation

A change you can't put your finger on. A calculator app that asks for a password. A second Instagram you didn't know about. Late-night DMs from an account that won't show its face. Parents come to us because the consumer parental-control tools don't see what they really need to see.

How the lab helps

Working with the parent of a minor child (and a signed authorization), we perform a forensic examination of the device, file-system level where the phone supports it, advanced-logical otherwise. We identify hidden and disguised apps, calculator vaults, fake utility icons, secondary chat clients, review messaging history across the apps actually in use, and flag predator contact patterns, grooming indicators, and sextortion exchanges.

From the lab. If a finding rises to the level of a crime against the child, we'll help you escalate to law enforcement directly.

What you get back

Time
Same-week turnaround for active concerns.
Money
A report that a counselor, school, or attorney can act on without a second forensic invoice.
Peace of mind
A real answer instead of a parental dashboard that misses what matters.

“Someone got into my accounts, what else did they touch?”

Account-takeover and identity-theft forensics, scope of intrusion, persistence, and a documented report for banks, insurers, and law enforcement.

The situation

Your email got into the wrong hands. You changed the password. But you don't know what else they did first, mail rules, recovery emails, OAuth grants to apps you've never heard of, devices added to your accounts. Banks and identity-theft insurers want a forensic scope before they'll release funds or accept a claim.

How the lab helps

We acquire and analyse the affected devices and the relevant cloud audit logs (M365, Google Workspace, iCloud, major banks). We identify the entry point, the persistence mechanisms, and the full list of accounts, files, and contacts touched. The output is a written report and an indicator list you (and your bank's fraud team) can use.

From the lab. The hardest part of an identity-theft claim is documenting what was actually touched. That's the part of the work we do.

What you get back

Time
Hours-to-days, depending on how many accounts.
Money
Insurance and bank-fraud claims with the documentation they actually want.
Peace of mind
You know the full scope. Nothing is still quietly logged in somewhere.

“I've been scammed. I need an evidence package.”

Romance, investment, and pig-butchering scam forensics, a documented evidence package for law enforcement, banks, and civil counsel.

The situation

It started as a relationship, an investment opportunity, or both. The money is gone, the contact is gone, the platform looks legitimate but never paid out. The bank wants documentation. The local police don't quite know where to start. The case is real, it just needs to be made legible.

How the lab helps

We extract the messaging history, screen captures, and metadata from your device; reconstruct the timeline of the relationship and the financial events; capture the websites and apps used (often spoofed exchanges or fake brokerages) before they disappear; and tie identifiers, phone numbers, email accounts, wallet addresses, into an indicator list. The report is structured for an FBI IC3 complaint and for civil counsel.

From the lab. We will tell you honestly whether forensic recovery of funds is realistic in your situation. Often it isn't, and we'll say so.

What you get back

Time
An evidence package in days, not the months a victim usually spends piecing one together.
Money
Materially better odds with bank fraud teams and civil recovery firms.
Peace of mind
Someone in your corner who has seen this exact pattern before.

“Someone made a fake video of me, or posted private images.”

Deepfake, revenge-porn, and image-based abuse forensics, authentication, source tracing, and a takedown-ready evidence record.

The situation

A fabricated video. A private photo posted somewhere it shouldn't be. Texas Penal Code §21.16 makes the conduct criminal, but the platforms, the police, and a civil attorney all need the same thing: a forensic record of what was posted, where, by what account, with what metadata, and how it can be authenticated.

How the lab helps

We capture the offending content forensically (hash-verified, with chain of custody), analyse the file for manipulation artifacts and synthetic-media indicators, trace the originating account where the platform exposes that data, and prepare a takedown and law-enforcement package. We coordinate with civil counsel for §21.16 actions and federal recourse where applicable.

From the lab. Speed matters here. The first hour after a post goes up is when preservation is easiest.

What you get back

Time
Hours from first call to a preservation snapshot, before content is taken down.
Money
Faster, cheaper civil recovery once counsel is involved.
Peace of mind
Someone competent has taken the technical part off your shoulders.

“My ex still has access to my cameras and accounts.”

Account- and smart-home access audit after a separation, kicking an ex out of every device, app, and account in your home.

The situation

Smart locks, cameras, thermostats, garage doors, streaming accounts, shared cloud storage, family-plan trackers. After a breakup or separation, the list of things an ex can still see, or still control, is much longer than people realise. Sometimes the access is deliberate; sometimes it's just never been cleaned up.

How the lab helps

We audit every connected device and account in the home, identify every authorised user (including ghost devices), revoke and rotate where required, and document the before/after. For accounts that show signs of misuse, we preserve the access logs forensically in case they're needed for a protective-order filing.

From the lab. We can find devices on your network that shouldn't be there.

What you get back

Time
A single afternoon to lock everything down properly.
Money
Avoids the cost of replacing devices that just needed re-enrolling.
Peace of mind
You walk through your own home knowing nobody else is watching.

“I just want the photos back from a drive that died.”

Data recovery from corrupted hard drives, SSDs, and SD cards, when the data is irreplaceable.

The situation

An old hard drive won't boot up windows. A child got their hands on your computer. An external drive not recognized. The data is photos, videos, voicemails, things that can't be replaced.

How the lab helps

We assess the device honestly, We tell you upfront whether recovery is realistic for your specific failure, and only quote when it is. We don't service hardware or electronic failures.

From the lab. The cheapest recovery is the one that doesn't take the case at all. We will tell you when that's the right call.

What you get back

Time
An honest assessment in 24–48 hours.
Money
No spend on a hopeless case. Real cost only when recovery is plausible.
Peace of mind
Photos of children, parents, and the people no longer here, returned.

“My ex's phone has evidence the court should see.”

Family-court digital evidence, preserving, authenticating, and presenting communications, location data, and device activity to counsel.

The situation

Custody disputes, protective-order proceedings, and contested divorces increasingly turn on what's on a phone. Screenshots aren't enough on their own, they're easy to fabricate and easy for opposing counsel to challenge. Authenticated forensic acquisition is what makes that evidence stick.

How the lab helps

Working through your family-law attorney, we acquire devices that are lawfully discoverable (your own phone, jointly owned devices, devices subject to a court order), extract messages, photos, location history, and call records, and produce an examiner's report and chain-of-custody log. Where the case proceeds to a hearing, the report is structured to be defensible on the stand.

From the lab. We work through counsel for family-law matters. Have your counsel reach out to us.

What you get back

Time
Evidence in the right form before the next hearing.
Money
Avoids losing the matter on a chain-of-custody objection.
Peace of mind
Your story, with the evidence to back it.

“My device was out of my sight. Was anything installed?”

Targeted tampering sweep after travel, separation, repair, or workplace access, checking for surveillance software, profiles, and unauthorised configurations.

The situation

A border crossing where a device was taken into another room. A repair shop you weren't sure about. A roommate, a coworker, or a contractor who had the chance. The fear is reasonable, and the answer is knowable in a few hours of careful examination.

How the lab helps

We perform a tampering sweep tailored to the device class, installed profiles, MDM enrolment, suspicious certificates, accessibility-service abuse, scheduled tasks, unexpected SSH/Remote-Desktop changes, and the known stalkerware families. The report says, plainly, whether anything was installed and what it does if so.

From the lab. If you carry sensitive work data and travel, a periodic sweep is cheaper than the breach it prevents.

What you get back

Time
A 24-hour sweep, faster for active concerns.
Money
Don't replace a perfectly good device on a hunch.
Peace of mind
Use your phone again without wondering who else is on it.

None of these is exactly your situation?

They almost never are. A 30-minute scoping call is free and obligation-free, and is genuinely diagnostic. We'll tell you honestly whether forensics is the right next step, or whether the answer is counsel, IT, or law enforcement.

Section 02 · For small businessesWhen the company's data, money, or people are on the line.

These twelve scenarios cover the small-business and SMB matters the lab handles most: departing-employee data theft, employee misuse investigations, ransomware response, business email compromise, embezzlement, insider data leaks, and the quieter offboarding and access-recovery work that keeps the business running. Sized for a 5-to-500-employee shop with or without internal IT.

“An employee just resigned. Did they take the customer list?”

Departing-employee forensics, proving (or ruling out) theft of customer lists, source code, design files, or trade secrets at the moment of departure.

The situation

A senior salesperson resigns and joins a competitor a week later. Deals start moving the other way. Or an engineer leaves and the next product ships looking suspiciously familiar. Texas trade-secret and non-compete cases live or die on what can be proven about what walked out the door.

How the lab helps

We image the departing employee's workstation, phone (if company-owned), and email account, then look for the specific signals, USB device history, cloud-sync events, mass downloads, mass emails to personal addresses, ZIP creation followed by upload, and the timestamps that show intent. The report is written for civil counsel under the Texas Uniform Trade Secrets Act.

From the lab. Preservation is everything. Most evidence is destroyed by routine IT reprovisioning within days of a departure.

What you get back

Time
Findings inside a week, before the trail goes cold.
Money
Trade-secret recovery and injunctive relief depend on this evidence.
Peace of mind
Either a clear case to act on, or a clean exit with no further exposure.

“We need to know what's actually on the work laptop.”

Employee misuse investigations, adult content, side businesses, gambling, harassment material, or simple non-work activity on company time.

The situation

An HR complaint. A manager's instinct. An IT alert about bandwidth at strange hours. The conduct may be a firing, a coaching, or nothing at all, but the company can't make that decision without knowing what's on the machine, and HR can't go looking themselves without breaking the evidence chain.

How the lab helps

Under an HR-authorised engagement, we image the device, review browser history, downloaded media, installed applications, and document storage. The report names what is there and what isn't, with timestamps, sized in plain English so HR and counsel can decide on a defensible response.

From the lab. Findings are written so they can be shown to the employee, counsel, and (if needed) an arbitrator. No language we wouldn't defend on the stand.

What you get back

Time
A complete picture in days, not weeks of internal back-and-forth.
Money
Wrongful-termination exposure drops dramatically with a forensic record.
Peace of mind
HR acts on facts, not on what someone glanced at on a manager's screen.

“Our files are encrypted. Now what?”

Small-business ransomware response, entry point, scope, exfiltration check, restoration plan, and the report your insurer and counsel will require.

The situation

Monday morning, every file ends in .locky or .crypt or some variant nobody at the office has heard of. A ransom note on every desktop. The first decisions in the next 24 hours decide whether the business loses days or months.

How the lab helps

We deploy the same day to contain the intrusion, identify the strain and the entry point (most often a single phished credential or an exposed RDP service), determine whether data was exfiltrated before encryption, preserve forensic evidence for the insurer and law enforcement, and coordinate the restoration sequence so backups don't get re-encrypted on the way back up.

From the lab. We work directly with your cyber-insurance carrier and outside counsel. The first call doesn't have to be a long one.

What you get back

Time
Hours to containment, days to restoration, instead of weeks.
Money
Cyber-insurance claims pay faster with a forensic IR record. Some don't pay at all without one.
Peace of mind
Someone who has done this before is in the room from the first hour.

“We wired money based on what turned out to be a fake email.”

Business email compromise and wire-fraud forensics, fast scoping, M365/Workspace audit-log forensics, and the documentation your bank and insurer require.

The situation

A vendor sent updated wire instructions. Or the CEO did, late on a Friday. The wire went out. Days later it turns out it was a spoofed or compromised mailbox. The bank's fraud team wants documentation; the cyber-insurance carrier wants documentation; the FBI's IC3 wants documentation. Speed matters.

How the lab helps

We pull and forensically preserve the M365 or Google Workspace audit logs (message rules, login history, mail-forwarding additions, OAuth grants), identify whether your tenant was actually compromised or whether the spoof was external, scope which other accounts and inboxes the attacker accessed, and produce the report that drives a bank fraud claim, an insurance claim, and an IC3 complaint.

From the lab. Most BEC matters also need a mailbox audit of every other senior employee. The attacker rarely stops at one inbox.

What you get back

Time
An evidence-grade scope inside 24–72 hours.
Money
Bank fraud reversal windows close fast, sometimes within days.
Peace of mind
Everyone with money on the line gets the report they need, in the form they need it.

“Our books don't add up. We think someone inside is taking money.”

Embezzlement and internal-fraud forensics, accounting-system access logs, device artifacts, and a quiet investigation that doesn't tip off the suspect.

The situation

Vendor invoices that don't quite match. Adjusting entries that get reversed. A bookkeeper or controller who never takes vacation. Small businesses lose more to internal fraud per year than to external attackers, and the longer it runs the bigger the loss, and the harder it is to prove later.

How the lab helps

Working under a confidential engagement letter (often through outside counsel), we acquire the relevant devices, reconstruct what was changed, by whom, and when, and see what aligns with bank-statement activity. The investigation runs quietly until the engagement is ready to surface.

From the lab. We coordinate with the company's outside counsel.

What you get back

Time
A controlled, weeks-long investigation, not a years-long bleed.
Money
Civil recovery, insurance bond claims, and prosecution all require this evidence.
Peace of mind
Whichever direction it goes, you'll know, and you'll know quietly.

“Our sales numbers keep showing up at the competition.”

Quiet insider-threat investigation, finding the leak without alerting the source.

The situation

Bids being undercut by the exact margin. A new hire at a competitor who used to be yours. A product roadmap that lands in a reporter's inbox a week after the all-hands. The leak is rarely a hack, usually a current employee with legitimate access and a side motive.

How the lab helps

We instrument the environment quietly (DLP review, mailbox audit, endpoint telemetry on suspected accounts), and run a behavioural review across cloud and device activity for the candidate accounts. The investigation operates on the assumption that the insider may be watching the very systems we're using, and is structured accordingly.

From the lab. Insider matters are the engagement most likely to need counsel from day one. We work alongside yours.

What you get back

Time
A documented finding in weeks, instead of guessing for quarters.
Money
Stops the recurring losses and unlocks civil recovery.
Peace of mind
Either the leak is real and now provable, or it's been ruled out.

“We paid an invoice, and the real vendor never got the money.”

Supplier-impersonation and invoice-redirection fraud, forensic scope, recovery support, and the documentation to prevent the next one.

The situation

A long-standing supplier sends a routine email asking AP to update their banking details. The next invoice gets paid into the new account. Then the real supplier calls about an unpaid invoice. The money's gone, and the only thing that gets it back is fast, accurate documentation of how the spoof happened.

How the lab helps

We examine the involved mailboxes and devices on both sides where access permits, reconstruct the chain of emails (including spoofed headers and lookalike domains), preserve the evidence forensically, and produce the report needed for bank recall, FBI IC3 filing, and the cyber-insurance claim. We also report on what process changes would have stopped it.

From the lab. Spoofed email is a common tactic by adversaries and scammers - see how we can help.

What you get back

Time
Bank-recall windows are short. The first 48 hours matter.
Money
Documented IC3 filings dramatically improve recovery odds.
Peace of mind
A clear answer on whether your tenant is compromised, or if the impersonation was external.

“The bookkeeper left, and changed every password on the way out.”

Lawful access recovery for accounting databases and shared business systems after a key employee's departure.

The situation

A bookkeeper, an office manager, or an outside accountant has left, sometimes amicably, sometimes not, and the company can't get into its own QuickBooks file, its own bank portal, or its own document store. Without that access, payroll runs late, vendors don't get paid, and tax filings start missing deadlines.

How the lab helps

On a verified-ownership basis, we recover access to the company's own data: QuickBooks file passwords, accounting-database admin credentials, shared-drive encryption, and document-archive passwords.

From the lab. Recovery here is verified-ownership only. If the underlying claim to the data is disputed, we route through counsel before any work begins.

What you get back

Time
Most recoveries land in 24–96 hours, before the next payroll.
Money
Avoids late filing penalties, missed payroll, and vendor disputes.
Peace of mind
The company runs on its own data again, on its own schedule.

“Our IT admin quit angry, and we don't know what they touched.”

Forensic audit after a privileged-user departure, backdoors, hidden accounts, sabotage indicators, and a clean-room hand-off to new IT.

The situation

The departing administrator had every password and every key. They left under bad terms, or they're still there during a notice period and the relationship has deteriorated. The risk isn't only what they take, it's what they leave behind: a hidden account, a scheduled task, an SSH key in the wrong place.

How the lab helps

We audit the environment with the same methodology used in incident response, privileged-account inventory, scheduled-task and persistence sweep across servers, log-tamper review, backup-system access review, cloud and SaaS audit-log review for the relevant window, and produce a documented hand-off the incoming admin (or MSP) can use as a starting point.

From the lab. The right time to run this sweep is the day notice is given. The wrong time is the day something breaks.

What you get back

Time
Two-to-five days for most small-business environments.
Money
Cheaper than the sabotage scenario where you find it three months in.
Peace of mind
The new IT team starts from a known-clean baseline.

“An employee clicked a link. How bad is it, really?”

Phishing-scope forensics, endpoint, mailbox, and cloud-audit review to determine whether a click became an incident.

The situation

An employee clicked. They told IT five minutes later, or five days later. The MFA prompt may or may not have been approved. The question every leadership team asks: do we need to disclose, do we need to call the insurer, do we need to call counsel?

How the lab helps

We acquire and triage the affected endpoint, pull the relevant mailbox and cloud audit logs, look for the specific post-compromise patterns (mailbox rules, OAuth app grants, persistence implants, lateral access), and tell you in plain English: nothing happened, something happened and is contained, or something happened and we need to escalate.

From the lab. Usually these end up being a click without a consequence. The other half need exactly this engagement.

What you get back

Time
Same-day triage. 24–48 hours to a full scope.
Money
Saves the cost of a worst-case-assumption response when the worst case didn't happen.
Peace of mind
Real answer, not a guess. Disclosure decisions made on evidence.

“We have a harassment complaint that lives on company devices.”

Workplace-harassment forensics, preserving and producing evidence in a way that survives both internal HR review and litigation.

The situation

A formal harassment complaint references texts, Teams or Slack messages, or shared files. HR has the screenshots an employee offered. Counsel knows that screenshots alone are challenged routinely. The company needs a forensic record on company-owned devices, acquired in a way nobody can later call into question.

How the lab helps

Working with HR and outside counsel, we acquire the relevant company-owned devices and accounts under a documented engagement letter, preserve the conversations and attachments, and produce an authenticated set of evidence with chain-of-custody. The investigation respects the bounds of an employer's monitoring rights under Texas law and the company's own acceptable-use policy.

From the lab. Counsel-driven. We are not the decision-maker on the matter; we are the evidence handler.

What you get back

Time
Evidence ready before the next HR or legal milestone.
Money
Litigation and EEOC exposure drops with proper evidence handling.
Peace of mind
Both the complainant and the accused get a fair, defensible process.

“A contractor's account is doing things at 3 AM.”

Third-party and contractor access investigation, establishing whether vendor access has been misused, sublet, or compromised.

The situation

A contractor or vendor has remote access to your systems and the logs show activity in windows the contractor swears aren't theirs. Maybe their credentials were sold or leaked. Maybe they sublet the work without disclosing. Maybe the activity is legitimate and the alerting is wrong. Hard to know without looking.

How the lab helps

We review the contractor's access logs, endpoint behaviour from your side of the connection, geolocation and ASN patterns, and (with the contractor's cooperation, where the contract allows) their own endpoint. The report establishes which activity is legitimate, which isn't, and what the right contractual or notification response is.

From the lab. Usually these turn out to be the contractor's credentials in someone else's hands, not the contractor at all.

What you get back

Time
A documented scope in days, not the months of unease before.
Money
Either the contractor stays and is hardened, or is removed cleanly.
Peace of mind
Vendor risk becomes a known quantity, not a recurring 3-AM alert.

The first call is the cheapest one.

Most small-business matters get cheaper, faster, and more survivable the earlier a forensic examiner is in the room. We work directly with your outside counsel, your cyber-insurance carrier, and your bank's fraud team, from the first hour if needed.

Engagement intake

Talk to Private-Eye.

Most engagements are quoted within 24 hours.

Request a consultation