Data Leak Test

Audit web-based data leaks here!

This site is for testing and tuning of DLP, CASB, and UEBA solutions.

For Compliance and Data Protection; test your policies and controls as required by most standards: to test & tune as part of a continuous improvement model.

Data Fact: Web based data leaks happen through browser http "post", "file upload", or "get".

The below tests challenge the ability for an organization to prevent and detect sensitive data leaks.

Select one of the tests below or pick from the navigation bar above

Web page data leak: Test 1 - POST the most common way data is leaked	Web page data leak: Test 2 - GET most commonly unchecked method of data loss
File upload to web: Test 3 most common for large data leaks	Email data leakage: Test 4 most common for accidental data leaks
DLP threshold auditing Credit Cards, US SSN, Medical records, and Sample data pre loded and ready to instantly test increments of 1, 5, 10, and 30.	FTP cloud client extraction testing Test data exfiltration over FTP leverging our external FTP testing client.

---trusted partner test site---

	The most trusted DLP test site since 2011
	Most data leaks are sourced from Shadow IT or personal file storage, personal email, and personal chat apps. This type of leakage is what we test for on this site. The other cause of large data breaches is ransomware and data stealing malware that executes as the user. The large majority of these threats come through fraudulent email. Test email fraud defenses at emailSpoofTest.com Another is a direct attack on cloud apps or physical infrastructure. Direct attack is risky and difficult for an attacker and relatively rare. By preventing your data from going to unknown destinations on the web you can prevent shadow IT and data misuse. Use this site to test all of the different ways data can be leaked to an untrusted destination.
	There are 2 major ways data is leaked; 1) Internal Theft (Users being users) a. Sending Data where it should not go b. Tricked into sending Data where it should not go 2) External theft (Bad people being bad) a. Attacking the user (see item 1) b. attacking infrastructure
	As outlined above, data risk is mostly from users and sometimes "bad actors". The bottom line is; if you can prevent an "insider" from misusing the data then an attacker or malware will also be under the same data constraints

	Federal agencies and Enterprises of all sizes use this site to test the ability to leak or exfiltrate sensitive data by uploading data out to dataleaktest.com servers. This site is also used by these agencies for mandatory DLP solution validation for Governance, Risk, and Compliance (GRC) frameworks such as: HIPAA, PCI DSS, ISO 27002, NIST 00-53, CIS CSC Top 20, COBIT5, ITIL, FERC/ NERC, NIPSOM, and UL 2900. The site is also popular for proof of concept (POC) / product evaluations to compare efficacy of competing solutions like Symantec, McAfee, Digital Guardian, Forcepoint, Fidelis to name some of the most popular. The tests on this site challenges the ability for an organization to prevent and detect sensitive data leaks. The most common data exfitration methods are: user error, unsecure business processes, shadow IT, insider threats, IOT, compromised assets, malware & bot based data theft.