Full forensic investigation of any vendor—what they actually do vs. what they claim. Court-ready evidence in 72 hours.
Before you sign. Before you renew. Before you sue.
That vendor's privacy policy claims they "never sell data to third parties" and "only collect data with explicit consent."
Our investigation found 14 undisclosed data recipients, including three ad networks, syncing your customers' PII within 200ms of page load—before the consent banner even rendered.
Their SOC2 didn't catch it. Their DPA didn't disclose it. Now it's your liability.
Real findings from real investigations. This is what vendors don't want you to see.
"No tracking before consent"
7 network calls initiated before consent banner rendered
"Data never leaves the EU"
PII transmitted to 3 US-based endpoints within 150ms
"No third-party sharing"
Browser sync with 14 undisclosed processors including ad networks
"Respects user opt-out"
Tracking continues post-rejection via fingerprinting fallback
Source: BLACKOUT forensic investigations // Anonymized findings from actual engagements
A defeat device is code specifically designed to detect compliance auditors, legal discovery tools, and researchers—then behave differently for them than for real users.
/headless|phantom|selenium|webdriver|puppeteer|playwright|monitor|checker|validator|analyzer/iWe found 42 such patterns in a single vendor. If your audit tools didn't trigger these flags, you never saw what the vendor actually does.
This isn't theoretical. We've done the work. Here's the proof.
Our methodology exposed 42 defeat device patterns in a single investigation, triggered an industry-wide disclosure review for a company distributing surveillance tools to 5,000+ customer sites, and built the forensic infrastructure that security researchers and privacy counsel now rely on.
You're 2 weeks from signing a $200K/year contract. The vendor's security questionnaire came back clean. Their SOC2 looks fine. But something feels off.
Know what you're actually buying before the ink dries.
You're 60 days from trial. Opposing counsel just requested evidence of what your data processors did with PII. You need forensic documentation that proves exactly what happened in the browser—with chain of custody.
Evidence that holds up in court.
The target looks clean on paper. But their website runs 47 third-party scripts you've never heard of. What's hiding in their GTM layer?
Know the risk before you acquire it.
Your team flagged a vendor but can't explain why. The vendor claims they're 'GDPR compliant' and 'privacy-first.' You need technical proof, not marketing claims.
Answers IT can't find on their own.
Vendor name, your use case, what you're trying to learn. We confirm scope within 4 hours.
Full forensic scan: scripts, cookies, network behavior, consent handling, data flows, third-party connections, defeat device detection, claims vs. observed reality.
Complete evidence package delivered within 72 hours. HAR files, deobfuscated code, network captures, screenshots, chain of custody documentation.
30-minute readout call (optional) + 14 days of follow-up support included.
You're not buying a report—you're commissioning intelligence work.
A named analyst assigned to your case. Direct communication channel throughout the engagement.
Vendor-specific risk analysis mapped to the Four Horsemen framework. What they do, how they do it, what it means for your business.
Where data actually goes. Every endpoint, every third party, every downstream processor. The full graph.
Disclosed vs. observed processors. Who they say they share with vs. who actually receives your data.
What's hiding in those blob URLs and minified scripts? We reverse it and document the behavior.
Does the vendor behave differently when observed? We detect audit evasion patterns your tools can't see.
Actionable intelligence formatted for your team.
Everything you need for legal, compliance, or the board.
2-3 page summary for leadership. Key findings, risk assessment, recommended actions.
Full findings with evidence. Code analysis, network behavior, consent audit, defeat device documentation.
Machine-readable IOCs. Import directly into your security tools, SIEMs, or block lists.
Timestamped network captures. Full HTTP traffic for forensic replay and verification.
Timestamped visual evidence. Consent states, network panels, behavior documentation.
One-time engagements. No subscription required. Volume discounts available.
One vendor deep-dive investigation
Evaluating a shortlist
Stack segment audit
Full GTM stack investigation
The intelligence costs less than the first month of the tool you're evaluating.
Full evidence package delivered within 72 hours of scope confirmation, or your money back.
That's the point. We investigate any vendor—whether we've profiled them before or not. You're commissioning original intelligence.
Same way an attacker or shady vendor would: from the outside. Controlled browser sessions, public endpoints, observable behavior. No agents, no credentials, no access to your infrastructure.
72 hours from scope confirmation. 24-hour rush available for +$500.
PDF report with executive summary + technical appendix. Evidence files (HAR, screenshots, deobfuscated code) delivered separately. Everything you need for legal, compliance, or the board.
The evidence package is designed to be court-ready. Chain of custody documented, timestamps verified, methodology defensible. We've built this for exactly that purpose.
We specifically test for audit evasion. If a vendor behaves differently when they think they're being observed, we'll find it and document it. Most compliance tools can't detect this. We can.
Bundle pricing available ($1,200/vendor for additional vendors in the same engagement). If you need ongoing coverage, we'll talk about INTEL or EVIDENCE subscriptions—but no pressure.
Most RECON customers end up subscribing once they see the depth. This is the fastest way to experience what BLACKOUT actually does.
See subscription plans