Platform capabilities

Everything in the box.
Nothing to configure.

Two modules. One protection layer. Clawscan runs natively inside Microsoft 365 — detecting legal risk in how your people communicate, before and after every send. No rules to configure. No headcount required.

Feature 01 · Shield

Real-time prevention during drafting.

Shield runs inside Outlook as an employee composes an email. The moment a draft contains language that matches a legal risk pattern, an alert surfaces in the Outlook add-in — before the email is sent to anyone.

The alert shows the exact flagged passage, a written legal justification, and two options: edit the email or dismiss.

  • Alert appears inside Outlook add-in during compose
  • Exact flagged passage surfaced with legal context
  • Employee can edit or dismiss
  • Scoped to Entra ID security group — not org-wide
Shield — Outlook composeActive
Guard — Compliance dashboardLive · scanning
0
Critical
0
Warning
0
Safe
0
Scanned
Feature 02 · Guard

Full-coverage oversight of every email in scope.

Guard operates on your shared mailbox. Every email redirected into scope is scanned across all active legal domains simultaneously — delivering classification, written justification, and flagged passage within seconds.

Your legal and/or compliance team reviews what matters, not everything. Critical flags surface at the top with actionable verdicts. Every result is timestamped and stored for audit.

  • 100% email coverage — no sampling, no gaps
  • All active domains evaluated simultaneously per email
  • Classification, justification, and flagged passage per flag
  • Full audit trail — every verdict and reviewer action stored
Feature 03 · AI detection

Intent and context. Not keywords.

Keyword tools flag emails that contain “price” or “competitor.” Clawscan's AI models read intent — understanding what an email is actually saying, not just what words it contains.

This means Clawscan catches sophisticated, informal coordination that would never trigger a keyword rule — and doesn't flag innocent emails that happen to use sensitive terms in a legitimate context.

  • Detects intent, language pattern, and conversational context
  • No false positives from legitimate business language
  • Catches informal coordination that bypasses keyword filters
  • Per-domain AI models focused on regulatory frameworks
  • Written justification explains why — not just what was flagged
Scenario 1 — benign commercial negotiation
Keyword tool

“Hi Marc, let's discuss pricing for the Q3 contract renewal. Happy to match our competitor's rate if needed.”

Result

FLAGGED — keywords “pricing”, “competitor” detected. False positive.

Clawscan

“Hi Marc, let's discuss pricing for the Q3 contract renewal. Happy to match our competitor's rate if needed.”

Result

SAFE — legitimate commercial negotiation. No cartel risk detected.

Scenario 2 — informal coordination
Keyword tool

“If we both quote around the same level, neither of us needs to worry about margin this quarter.”

Result

NOT FLAGGED — no trigger keywords present. Missed.

Clawscan

If we both quote around the same level, neither of us needs to worry about margin this quarter.”

Result

CRITICAL — price coordination intent detected. Article 101 TFEU risk.

Feature 04 · Architecture

Raw email never leaves your tenant.

The Clawscan Engine runs inside your Azure environment. Every scan happens on your infrastructure. Raw email content never crosses the tenant boundary — this is an architectural guarantee, not a policy promise.

Only scan outputs — classification and justification — are transmitted to the GOlegal side for storage and reporting. Your emails remain in your Exchange environment, unmodified.

  • Scanning engine deployed inside your Azure tenant
  • Raw email content never crosses the tenant boundary
  • Only scan outputs transmitted cross-tenant
  • Emails remain unmodified in Exchange — no banner injection
Your Azure tenant
Client environment
  • Exchange Online
  • Clawscan Engine
  • Azure AI Foundry
  • Entra ID
Raw email stays here
Outputs only
ClassificationJustification
GOlegal tenant
Provider environment
  • Control API
  • Dataverse · TDE/AES-256
  • Admin Control Center
Supporting features

More of what the platform does.

Every feature below is included — no add-ons, no extra configuration beyond initial setup. Expand any row to see how it works.

  • Outlook add-in

    Shield and Guard surface natively inside Outlook — no portal switching required.

    Shield alerts and Guard verdicts both surface natively inside Outlook — the tool your employees and compliance team already live in. No separate portal to open for routine review, no context switching mid-workflow. The add-in is deployed via M365 Admin Center Centralized Deployment, scoped to your Entra security group. It works across Outlook for Windows, Mac, and OWA.

    Outlook · Clawscan add-in active
    Outlook · ribbon
    SendAttachClawscan
    Clawscan panel active — Guard alerts + Review verdicts surface inline.
    Task pane
    Active

  • Privacy filtering

    Emails matching a subject-line keyword are skipped before scanning — fully client-controlled.

    Some emails should never be scanned. Clawscan gives you a keyword-based skip list — any email whose subject line matches a configured keyword is dismissed before it enters the scan pipeline. Never read, never stored, never processed. The keyword list is entirely in your hands. Configure it to match your internal conventions — [Private], [Confidential], or anything else. The feature can be toggled on or off per deployment.

    Email queue — filter active
    [Private] Doctor's appointmentSkipped
    Q3 tender — pricing syncScanned
    [Confidential] HR matterSkipped
    Framework renewal — three bidsScanned

  • User scope control

    One Entra ID security group controls who is monitored across both Shield and Guard simultaneously.

    Who gets monitored is entirely in your hands, controlled via a single Entra ID security group you manage. Add an employee — Shield and Guard both activate immediately. Remove them — both deactivate. No separate scope configuration for each mode, no drift between them. Your monitoring perimeter stays in sync with your org chart automatically.

    Entra ID · Clawscan-Scope
    Entra ID · Security group
    Clawscan-Scope
    ● Active
    k.durand@acme.com
    a.laurent@acme.com
    sales-team@acme.comDynamic
    b.vermeersch@acme.com

  • Attachment scanning

    Email body and attachments scanned together — PDF, Word, Excel, images, calendar files, and more.

    Risk doesn't only live in the email body. Clawscan scans the email and its attachments as a single unit — a problematic clause in a Word attachment is treated with the same weight as the same language in the body. Attachments are scanned client-side and never leave your Azure tenant. The supported format list expands regularly as the platform evolves.

    Supported attachment formats
    PDF
    Document
    DOCX
    Word
    XLSX
    Excel
    PNG
    Image
    JPG
    Image
    ICS
    Calendar
    MSG
    Email
    EML
    Email

  • Email chain scanning

    Emails forwarded as attachments are read recursively — risk buried in a chain is never skipped.

    When an email is forwarded as an MSG attachment, Clawscan reads the embedded message — not just the outer email wrapping it. Risk buried inside a forwarded chain is detected, not skipped. Clawscan reads up to two levels of nesting — covering the vast majority of real-world forwarding patterns.

    Recursive email chain scan
    K. Durand
    FW: Q3 tender — align
    SAFE
    A. Laurent
    Re: Pricing sync
    WARNING
    Nested chain scanned recursively

  • Domain activation

    Each legal domain is an independent AI model — activate only what's relevant to your organisation.

    Clawscan's legal domains are independent AI models. You activate only the ones relevant to your compliance programme — credits are only consumed for active domains. New domains are added on a continuous basis and can be activated as your needs expand. Starting with Competition Law today. Other major compliance domains will be added in the coming months, covering the full spectrum of legal risk in digital communications.

    Domain configuration
    Competition Law
    Confidential Information & Trade Secrets
    Workplace Harassment
    Conflict of Interest

  • Customisation

    Industry- or organisation-specific detection rules and bespoke scenario packs for unique risk profiles.

    Standard detection models cover the regulatory frameworks that apply to most organisations. Customisation adds depth for organisations with specific industry risk profiles, internal nomenclature, or monitoring requirements that go beyond the standard domains. Optional features for those organisations willing to go the extra mile.

    Customisation — Some examples
    T&M · Layer 3 pricing
    Industry-specific regulationsad-hoc
    Custom scenario — Organisation-specific rulesad-hoc
    Monitoring-as-a-servicecontinuous
    Other customisationsad-hoc
Frequently asked questions

Technical questions, answered plainly.

Does Shield cost extra compared to Guard?
No. Both Shield and Guard are included in the Layer 1 platform setup fee. They share the same annual credit pool from Layer 2. You pay once for the platform and choose which modes to activate.
Can we exclude personal or sensitive emails from scanning?
Yes — via privacy filtering. Configure one or more subject-line keywords (e.g. [Private], [Confidential]) and any matching email is skipped entirely, never entering the scan pipeline. The keyword list is fully client-controlled and can be updated at any time.
Can we control which employees are monitored?
Yes, fully. A single Entra ID security group controls who is in scope for both Shield and Guard. Adding an employee to the group activates the modes it is used in. Removing them deactivates both. Dynamic groups can be supported for attribute-based scoping (depending on your actual configuration; to be confirmed).
Does Clawscan scan email attachments?
Yes. Attachment scanning covers PDFs (structured and unstructured), Word documents (.docx), Excel files (.xlsx), images (PNG, JPG), calendar files (.ics), and embedded email files (.msg). When an email is forwarded as an attachment, the embedded message is scanned recursively. The supported list is updated regularly.
Can we activate only specific legal domains?
Yes. Each legal domain is an independent AI model that can be activated or deactivated independently. Credits are only consumed for active domains. You can e.g. start with Competition Law today and activate additional domains as they become available and as your compliance programme expands.

See Clawscan in action.

Ready to close the blind spot? Book a demo or get in touch — we'll show you what Clawscan looks like for your organisation.

Book a demo →