SAASPOCALYPSEverdict #HARVEY-7D54
scanned 2026.05.05 · 12:28
subject of investigation

harvey.ai

AI platform for legal professionals
verdictCONTESTED
wedge score
59
/100
wedge thesis

the door is vertical focus: Harvey targets AmLaw 100 firms with enterprise pricing, leaving mid-market and solo practitioners underserved by a product they can't afford and can't access without a demo call.

real walls — pick your flank·ship in 10 weeks·run for $47.00 + usage
the doornetwork
wedge

where the walls are.

methodology →
the door

no network effect to overcome — users don't compound users.

watch out

their capital wall is real — ongoing capex puts a floor under any clone.

capital
5.0/10
investment the incumbent had to make
why this scoremedium confidenceHarvey's capital moat is real but not fortress-level. The primary non-software spend is enterprise sales (demo-gated...

Harvey's capital moat is real but not fortress-level. The primary non-software spend is enterprise sales (demo-gated motion, AE/SE headcount for AmLaw 100 relationships) and compliance certification costs (SOC 2 Type II + ISO 27001 at $20–50K in auditor fees plus 6–12 months of effort). These are meaningful barriers for a solo indie builder but not insurmountable for a small funded team. There is no proprietary infra, inventory, payments risk, or heavy implementation services cited. The compliance posture is the dominant capital signal.

  • SOC 2 Type II and ISO 27001 certifications listed — auditor fees $20–50K, 6–12 month timeline per the report
  • Demo-gated enterprise sales motion implies dedicated sales headcount and relationship capital with AmLaw 100 firms
  • No proprietary hardware, inventory, or payments infrastructure mentioned
technical
3.0/10
depth of the underlying engineering
why this scorehigh confidenceThe report explicitly states the core product is 'technically achievable with off-the-shelf LLM APIs and a...

The report explicitly states the core product is 'technically achievable with off-the-shelf LLM APIs and a domain-specific prompt layer.' PDF parsing, RAG pipelines, and chat-over-documents are well-trodden patterns with abundant starter kits. The hardest technical challenges cited (audit logs, data lifecycle, multi-tenancy) are tedious but not algorithmically novel. Legal-domain prompt tuning is a real time sink but not a defensible moat — it can be replicated. No evidence of proprietary models, novel algorithms, real-time collaboration complexity, or hard integrations that would raise this score.

  • Report states: 'core product is technically achievable with off-the-shelf LLM APIs and a domain-specific prompt layer'
  • RAG pattern with LangChain/LlamaIndex described as 'well-trodden path, plenty of starter kits'
  • PDF parsing handled by pdf-parse or LlamaParse — commodity tooling
networkdoor
2.0/10
users compound users
why this scorehigh confidenceLegal AI document analysis is fundamentally a single-player tool — a lawyer uploads documents and gets answers. There...

Legal AI document analysis is fundamentally a single-player tool — a lawyer uploads documents and gets answers. There is no marketplace, no UGC flywheel, no social graph, no partner/app ecosystem, and no multi-sided liquidity described. Enterprise sales relationships provide some lock-in at the firm level but that is a switching/capital signal, not a network effect. No viral loops are evident in a demo-gated enterprise motion.

  • Product described as document Q&A, contract analysis, legal research — all single-user workflows
  • Demo-gated sales motion with no self-serve tier eliminates viral/PLG network loops
  • No marketplace, partner ecosystem, or app store mentioned
switching
5.0/10
stickiness of customer data + workflow
why this scoremedium confidenceSwitching costs are moderate. Firms that adopt Harvey embed it into document review and research workflows, creating...

Switching costs are moderate. Firms that adopt Harvey embed it into document review and research workflows, creating procedural lock-in and staff retraining costs. Audit logs and data lifecycle configurations represent accumulated state. However, the underlying documents are the firm's own — they are not trapped in Harvey. There is no proprietary data format or deep system-of-record integration (e.g., no billing, matter management, or docketing integration cited) that would make migration painful. The switching cost is primarily workflow habit and compliance re-certification, not data gravity.

  • Workflow integration into document review and legal research creates procedural switching costs
  • Audit logs and configurable retention policies represent accumulated compliance configuration
  • Documents are firm-owned and uploadable elsewhere — no data gravity trap
data
4.0/10
proprietary data accumulates over time
why this scorelow confidenceHarvey likely accumulates behavioral data from how AmLaw 100 lawyers interact with legal documents — query patterns,...

Harvey likely accumulates behavioral data from how AmLaw 100 lawyers interact with legal documents — query patterns, corrections, preferred outputs — which could inform fine-tuning or retrieval improvements over time. However, there is no explicit evidence of a proprietary legal corpus, fine-tuned models, or a documented data flywheel. The report frames Harvey's AI as a 'domain-specific prompt layer' over commodity LLMs, suggesting the data moat is nascent rather than established. Confidence is low because Harvey's actual model training practices are not publicly disclosed.

  • Report characterizes Harvey as 'off-the-shelf LLM APIs and a domain-specific prompt layer' — implies no confirmed proprietary model
  • AmLaw 100 usage at scale would generate valuable behavioral data over time, but this is speculative
  • No mention of proprietary legal corpus, fine-tuned models, or exclusive data partnerships
regulatory
5.0/10
real licenses, not SOC 2 theater
why this scoremedium confidenceLegal AI sits adjacent to regulated territory but is not itself directly regulated in the way fintech or healthcare...

Legal AI sits adjacent to regulated territory but is not itself directly regulated in the way fintech or healthcare AI is. The primary regulatory friction is compliance certification (SOC 2 Type II, ISO 27001, GDPR) required by enterprise law firm security reviews — these are real gatekeepers but are achievable certifications, not licenses or regulated duties. There is no money transmission, HIPAA, FINRA, or clinical data obligation. Bar association ethics rules around AI use are emerging but not yet a hard regulatory moat. The compliance posture is a meaningful barrier for a solo builder but not a fortress.

  • SOC 2 Type II and ISO 27001 listed — required by enterprise law firm security reviews, 6–12 months to obtain
  • GDPR compliance mentioned — relevant for international firm data
  • No HIPAA, FINRA, KYC/AML, money transmission, or clinical EHR obligations identified
distribution
3.3/10
brand SERP grip, knowledge graph, news flow
take

the blunt take.

Harvey is a well-funded, enterprise-only legal AI with a demo-gated sales motion and no self-serve tier. That's a deliberate choice — and a deliberate opening for anyone willing to serve the lawyers who can't get a callback.

The core product — document Q&A, contract analysis, legal research — is technically achievable with off-the-shelf LLM APIs and a domain-specific prompt layer. Harvey's real moat is its enterprise sales relationships and compliance posture (SOC 2, ISO 27001, GDPR), not the underlying AI. A contender aimed at solo attorneys, boutique firms, or in-house teams at mid-sized companies doesn't need to beat Harvey on features — it just needs to be accessible and priced for humans.

cost

cost of competing.

what they charge
Enterprise (demo-gated)
custom
/ seat/mo
No self-serve. No public pricing. Estimated $200–$500+/seat/mo at enterprise scale.
annual:custom
what running yours costs
01 · Vercel Pro (Next.js, confirmed by signals)$20.00
02 · Supabase Pro (document storage, user data, audit logs)$25.00
03 · OpenAI / Anthropic API (document analysis, Q&A)??? — scales with usage
04 · Cloudflare R2 (PDF/doc storage)$1.00
05 · Resend (transactional email)$0.00
06 · Domain$1.00
07 · Sentry free tier (error tracking)$0.00
08 · OAuth (Google/Microsoft SSO)$0.00
TOTAL / mo$47.00 + usage
▸ break-even:immediately for any solo attorney — Harvey's enterprise pricing almost certainly exceeds $200/seat/mo, and your build runs at ~$72/mo flat regardless of seat count.
build

what you're up against.

2 weeks prompt engineering + document pipeline · 3 weeks core UI (chat, doc upload, analysis views) · 2 weeks auth + multi-tenancy · 2 weeks compliance basics (audit logs, data retention) · 1 week polish + waitlist launch
easy
medium
hard
nightmare
01
easy
Document upload + text extraction
PDF parsing with pdf-parse or LlamaParse. Handles 90% of legal docs out of the box.
02
easy
Chat UI over documents
RAG pattern with LangChain or LlamaIndex. Well-trodden path, plenty of starter kits.
03
medium
Multi-tenancy + data isolation
Each firm's documents must be strictly isolated. Row-level security in Supabase handles this, but you have to actually configure it correctly.
04
medium
Legal-domain prompt tuning
Generic LLM answers are mediocre on jurisdiction-specific questions. Prompt engineering + retrieval grounding is a real time sink.
05
hard
Audit logs + data lifecycle controls
Enterprise buyers (even mid-market) expect immutable audit trails and configurable retention. Not hard to build, but tedious to get right and easy to get wrong.
06
nightmare
SOC 2 Type II + ISO 27001 certification
Harvey lists both. Getting certified takes 6–12 months and $20–50K in auditor fees. Without it, you're locked out of any firm with a real security review process.
stack

their position.

detected signals· measured
hostingVercelframeworkNext.js
recommended stack · inferred
inferNext.js 15 (Vercel, confirmed)inferSupabase (Postgres + RLS + Storage)inferLlamaIndex or LangChain (RAG pipeline)inferOpenAI / Anthropic API (GPT-4o or Claude 3.5)inferCloudflare R2 (document storage)
rivals

who else has tried this.

option A
Spellbook (self-serve legal AI)
Contract-focused, has a free trial, integrates with Word. Already exists and is cheaper than Harvey.
option B
ChatGPT / Claude directly
Zero cost, surprisingly capable for legal Q&A. The substitute most solo attorneys are already using.
option C
Clio + AI add-ons
Practice management with AI features bolted on. Mid-market law firms already pay for it.
compare

similar scans.

same shape - different moat
rippling.com
CONTESTED
all-in-one HR, IT, and finance platform
33 /100-266 months
+ role-based access control
vs.compare →
okta.com
FORTRESS
enterprise identity & access management platform
26 /100-333 months
+ hipaa compliance
vs.compare →
palinga.com
CONTESTED
AI-native modular ERP
58 /100-18–12 weeks
+ integrations, role-based access control +1
vs.compare →
asana.com
CONTESTED
team project & task management
55 /100-48 weeks
+ serverless / edge platform, automations +1
vs.compare →
github.com
FORTRESS
AI-powered developer platform
20 /100-39
+ integrations, marketplace +1
vs.compare →
grammarly.com
CONTESTED
AI writing assistant & grammar checker
47 /100-128 weeks
+ frontend cloud platform, integrations +1
vs.compare →
ready to wedge in?
Get the wedge plan. Cancel some plans.
▸ generated with love, by a heartless robotverdict v2.5 · saaspocalypse.dev