Built for Trust: How Security Shapes Every Orbital Product

In the world of real estate law, trust is everything. When legal professionals work on high-value, time-sensitive transactions, their tools must meet the highest standards of security, transparency, and control.

At Orbital, we've spent over eight years building products trusted by real estate lawyers and property professionals working on complex, high-value property transactions. Whether you're using Orbital Witness, Orbital Residential, or Orbital Copilot, our approach to security is consistent, deliberate, and tailored for legal professionals.

Full-Lifecycle Security: Secure by Design, Protected in Practice

At Orbital, security isn’t a checkbox—it’s built into everything we do, from day one and beyond. 

Secure by Design

We design all new software to meet the highest standards of security and compliance from the outset. Orbital is ISO 27001:2022 certified, with our information security management system audited and certified by CFE CERT, a respected European certification body known for its technical rigor and independence.

Our engineering team applies secure development practices throughout the product lifecycle. Every code change is peer reviewed, and we build with the principle of least privilege in mind to minimize attack surface area from the start. We also support SSO integration with customer identity providers, enforce multi-factor authentication (MFA), and secure our APIs using industry-standard protocols such as OAuth 2.0 and JSON Web Tokens (JWT).

In 2024, Microsoft published a case study on Orbital, recognizing how we securely use Azure infrastructure to handle high-sensitivity legal and real estate data. The study highlights our ability to meet stringent compliance requirements—a reflection of the engineering rigor behind our platform today.

Protected in Practice

Security doesn’t stop at launch. We take a proactive approach to protecting our systems and data on an ongoing basis.

✅ We enforce role-based access controls (RBAC) using Microsoft Entra Privileged Identity Management, with all production access time-boxed and auditable.

✅ We conduct regular third-party penetration tests to identify and resolve vulnerabilities, and we evolve our practices in close collaboration with infosec and procurement teams at world leading firms.

✅ We monitor for threats using vulnerability scanners, Microsoft security tooling, and ongoing compliance checks through Thoropass certification.

✅ Our team actively tracks industry security news and advisories to stay current with emerging threats and best practices.

✅ We continually review and refine our security procedures and protocols to ensure we maintain strong protection as our platform evolves.

Security is not a one-off milestone—it's a discipline. We hold ourselves to the highest standard, so our customers can operate with confidence.

Domain Expertise Without Data Exposure

A top concern for law firms considering AI tools is whether sensitive client documents are used for model training. At Orbital, the answer is simple: absolutely not.

Our AI products—Orbital Copilot and Orbital Residential—never use customer data for training. Our AI systems operate purely in inference mode. Customer inputs are not used for model training, tuning, or performance optimization.

We enforce strict zero-retention policies with our third-party model providers—including OpenAI, Anthropic, and Google—to ensure data processed during inference is not stored or used to improve their models.

Even without training on customer data, we’re able to deliver accurate, domain-specific results. So how do we achieve that?

The answer lies in our Legal Engineers, real estate law professionals who design specific prompt strategies and shape how our systems reason about legal text. This is akin to how lawyers are trained in the real world, through structured reasoning and expert guidance. Rather than relying on customer data to improve performance, we encode legal logic directly into the product. We’re not teaching the system to memorize examples, we’re training it via legal experts to think like a lawyer. 

This architectural approach allows us to deliver precise, domain-specific results while ensuring that confidential client information remains exactly that—confidential.

Transparency Over Assumption

We believe that legal professionals shouldn’t have to take AI outputs at face value. That’s why both Orbital Residential and Orbital Copilot were designed to provide complete transparency into how each answer was generated.

AI output includes pinpointed citations that link directly to relevant portions of the uploaded document. In Orbital Copilot, we also provide a transparent chain-of-thought analysis that shows how the system arrived at its conclusion. For UK property matters, references to official HM Land Registry (HMLR) practice guides are also embedded where relevant, helping to reinforce outputs with trusted standards.

Our AI products are assistive, not autonomous—always keeping the lawyer in control. Human review, legal reasoning, and professional discretion remain central to the workflow. Our goal is to make those processes faster, more consistent, and easier to scale—without obscuring the reasoning behind the results. 

Accuracy Comes First

In legal work, precision matters more than speed. That’s why we’ve consistently chosen to optimize our products for accuracy and explainability over raw response time.

We use the most advanced large language models available where they improve legal reasoning and contextual understanding. In some cases, we intentionally allocate greater computational resources, running additional validation steps and processing more tokens, because we prioritize legal-grade accuracy. The result is a system that closely mirrors what a human lawyer might produce. It is far more precise and contextual than a generic chatbot, and delivers results in an order of magnitude less time.

Our customers can also create and customize Blueprints—structured workflows that reflect their specific practice areas, clients, or deal types. These allow legal teams to standardize how Orbital Copilot operates across matters while retaining the flexibility to adapt to the unique needs of each transaction.

Trusted by the World’s Leading Firms

At Orbital, we believe trust is earned—not assumed. That’s why every part of our platform, from infrastructure to user experience, is built to meet the expectations of real estate legal professionals navigating high-stakes matters and evolving AI regulations.

We’ve passed rigorous security reviews from many of the world’s top law firms, including members of the Am Law 100. Our team collaborates directly with legal, risk, and infosec teams to ensure key controls are defensible controls, transparent data flows, and  policies that meet the expectations of our customers' legal and risk teams.

Whether you're using Orbital Witness, Orbital Residential, or Orbital Copilot, you can rely on the same foundational principles: security by design, transparency by default, and trust earned through every detail.

And we’re not standing still. As the legal tech landscape evolves, we’ll continue to raise the bar—building responsible AI and helping our customers unlock innovation without ever compromising on security, accuracy, or control.