Congrats to Casepoint for the announcement that Casepoint completes CMMC Level 2 reinforcing its position as legal tech security leader! Here’s a portion of the press release, the full release is here!

Casepoint Completes CMMC Level 2, Reinforcing Its Position as Security Leader in Legal Technology

Casepoint Achieves CMMC Level 2 Compliance: Extending DOD IL5/IL6 Security to Defense Industrial Base Ecosystem

WASHINGTON, January 28, 2026 – Casepoint, a leader in end-to-end legal, regulatory, and compliance solutions for government agencies and leading corporations, today announced its completion of Cybersecurity Maturity Model Certification (CMMC) Level 2 self-assessment, further solidifying its position as one of the most security-credentialed legal technology platforms for the U.S. Department of War (DOW) and defense industrial base.

CMMC Level 2 incorporates the NIST SP 800-171 framework, which requires implementation of 110 security controls. Casepoint’s completion demonstrates that its existing security infrastructure, already validated to operate at classified levels, meets and exceeds this standard.

The achievement builds on Casepoint’s existing portfolio of Department of Defense (DOD) Impact Level authorizations, including Impact Level 5 (IL5) for handling controlled unclassified information (CUI) and Impact Level (IL6) for supporting secret-level data. Casepoint is the only legal technology provider with either of those authorizations and is one of six cloud providers globally with IL6. Only Amazon, Google, Microsoft, Oracle, and Palantir share this distinction with Casepoint.

“Casepoint operates at the highest classification levels for the DOW,” said Usha Raj, Senior Director of Information Services, Risk and Compliance, at Casepoint. “CMMC Level 2 extends that same rigor across the broader defense industrial base ecosystem. For contractors managing CUI, this credential ensures alignment with DOW cybersecurity expectations and positions their supply chains to meet evolving federal requirements.”

Corporations and government agencies face the same fundamental challenge: fragmented technology environments that introduce risk at every turn. Organizations need platforms that safeguard data and maintain the highest levels of security, especially as cyber threats continue to expand and the U.S. cybersecurity market is projected to grow to USD 98.11 billion by 2030.

“The threat landscape is accelerating,” said Sundhar Rajan, Chief Information Officer at Casepoint. “Government agencies need vendors that have already implemented the controls they’re asking for, not vendors that are checking boxes for the first time. Our IL5/IL6 authorizations prove we operate at the highest standards. CMMC Level 2 simply extends that commitment across the defense industrial base.”

CMMC Level 2 compliance complements Casepoint’s broader security portfolio, which includes FedRAMP® Moderate and High, GovRAMP, SOC 1 and SOC 2 Type II, ISO 27001, and multiple DOD Impact Level authorizations. Together, these credentials reflect Casepoint’s leadership in the market and its ongoing commitment to rigorous security standards.

Congrats again to Casepoint for the announcement that Casepoint completes CMMC Level 2 reinforcing its position as legal tech security leader! Another impressive security achievement!

So, what do you think? Please share any comments you might have or if you’d like to know more about a particular topic.

Disclosure: Casepoint is an Educational Partner and sponsor of eDiscovery Today

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by my employer, my partners or my clients. eDiscovery Today is made available solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscovery Today should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.