Enterprise-grade controls for organizations that require strict governance over forensic analysis tools. Full audit trails, role-based access, policy enforcement, and centralized management.
Four configurable roles ensure every team member has exactly the access they need, and nothing more.
Full control over all system settings, users, and policies
Create projects, run analyses, generate reports
View results, add annotations, export reports
View-only access for oversight
Tamper-evident audit logging records every action with timestamp, user identity, operation details, and cryptographic hash. The audit trail itself is cryptographically signed.
ISO 8601 timestamp with millisecond precision
Authenticated user identity performing the action
Specific operation performed (e.g., IMPORT_VIDEO, RUN_TRANSCRIPTION, EXPORT_REPORT)
The file, project, or resource affected by the action
SHA-256 hash of the audit entry for tamper detection
Additional context: IP (local), device ID, session ID, parameters used
{
"timestamp": "2026-02-27T14:32:07.841Z",
"user": "j.martinez@defensefirm.com",
"role": "Analyst",
"action": "RUN_TRANSCRIPTION",
"target": "bodycam_officer_jones_2026-01-15.mp4",
"source_hash": "a7ffc6f8bf1ed76651c14756...",
"result_hash": "e3b0c44298fc1c149afbf4c8...",
"entry_hash": "9f86d081884c7d659a2feaa0...",
"previous_entry_hash": "5e884898da28047151d0e56f..."}Each entry's hash includes the previous entry's hash, creating a cryptographic chain. Any modification to any entry breaks the chain and is immediately detectable.
Enforce security policies across your organization with configurable controls managed by your administrators.
Enforce minimum password length, complexity (uppercase, lowercase, numbers, symbols), expiration periods, and password history (no reuse of last N passwords). Integrates with macOS password policies.
Configurable inactivity timeout (1 minute to 8 hours, default 15 minutes). Auto-lock requires re-authentication. Forced logout after configurable maximum session duration.
Automatic project lock when the device sleeps, screen locks, or the application loses focus (configurable). Biometric re-authentication (Touch ID) for rapid re-access without compromising security.
Administrators can restrict which roles may export data and in what formats. Watermarking of exported reports with user identity and timestamp. Export activity is logged in the audit trail.
Deploy, configure, and manage FrameCounsel across your organization using your existing device management infrastructure.
Full compatibility with enterprise Mobile Device Management solutions. Deploy FrameCounsel silently across your fleet using JAMF, Mosyle, Kandji, or any MDM that supports macOS managed installs.
Command-line installer supports silent, unattended installation with configurable parameters. Pre-configure default settings, license keys, and organizational policies during deployment.
Administrators control update rollout schedules. Stage updates to a test group before organization-wide deployment. Automatic rollback capability if issues are detected.
Deploy organizational settings via macOS configuration profiles. Enforce security policies, default preferences, and access controls across all managed devices centrally.
Manage seats, track usage, and maintain administrative reporting from a single admin dashboard.
Assign and revoke licenses from a centralized admin dashboard. Transfer seats between team members. View real-time seat utilization across your organization.
Monitor adoption metrics: active users, analysis volume, feature utilization. All tracking is aggregate and privacy-preserving — no individual case data is collected.
Generate administrative reports showing license utilization, user access patterns, and policy enforcement status. Exportable in standard formats for auditors.
Set organization-wide data retention policies that automatically enforce your compliance requirements.
Administrators define retention periods per project type or data category. Policies can vary by case status (active, closed, archived).
When retention periods expire, the Software flags projects for review or automatic deletion. Administrators receive notifications before data is removed.
Place individual projects or entire categories on legal hold to prevent deletion regardless of retention policy. Legal holds are logged in the audit trail.
All retention policy changes, deletions, and legal hold actions are logged in the tamper-evident audit trail with full attribution.
Get the complete administration guide covering all governance features, deployment playbooks, and configuration references for your IT and security team.