DataLeakTest
DLP Validation and Testing

 please contribute by turning off ad blockers for this site 

Your public IP address is: 3.235.45.196; more info

Updated 3/10/2020

 

SSL is: off ; more info

DLP Auditor

POST Test

GET Test

Upload Test

Email Test

FTP Testing

Session Info

About DLT

Data Loss Prevention (DLP) Self Tests

Built by Engineers for Engineers

 

How to use this site; DLP PHI Testing (23 min)

Test all browser based data leaks here!

Data Fact: Web based data leaks happen through browser http "post", "file upload", or "get".

This site is for testing and tuning of DLP, CASB, and UEBA solutions. 

For Compliance and Data Security; test your policies and controls as required by most standards: to test & tune as part of a continuous improvement model.

The below tests challenge the ability for an organization to prevent and detect sensitive data leaks.


 
POST data to a web page
the most common way data is leaked 		GET data to a web page
most commonly unchecked method of data loss
File Upload data leakage
most common for large data leaks 		Email data leakage
most common for accidental data leaks
DLP threshold testing
Credit Cards, US SSN, Medical records, and Sample data pre loded and ready to instantly test increments of 1, 5, 10, and 30.		 FTP Cloud Client extraction testing
Test data exfiltration over FTP leverging our external FTP testing client.
 


 

  The most trusted DLP test site since 2011  
 

 

Most data leaks are sourced from Shadow IT or personal file storage, personal email, and personal chat apps. This type of leakage is what we test for on this site.

The other cause of large data breaches is ransomware and data stealing malware that executes as the user. The large majority of these threats come through fraudulent email. Test email fraud defenses at emailSpoofTest.com

Another is a direct attack on cloud apps or physical infrastructure. Direct attack is risky and difficult for an attacker and relatively rare.

By preventing your data from going to unknown destinations on the web you can  prevent shadow IT and data misuse. Use this site to test all of the different ways data can be leaked to an untrusted destination.

 

  
 

There are 2 major ways data is leaked;

1) Internal Theft (Users being users)

     a. Sending Data where it should not go

   b. Tricked into sending Data where it should not go

2) External theft (Bad people being bad)

     a. Attacking the user (see item 1)

     b. attacking infrastructure

  
 

 

As outlined above, data risk is mostly from users and sometimes "bad actors". The bottom line is; if you can prevent an "insider" from misusing the data then an attacker or malware will also be under the same data constraints

  
     
 


Federal agencies and Enterprises of all sizes use this site to test the ability to leak or exfiltrate sensitive data by uploading data out to dataleaktest.com servers.

This site is also used by these agencies for mandatory DLP solution validation for Governance, Risk, and Compliance (GRC) frameworks such as: HIPAA, PCI DSS, ISO 27002, NIST 00-53, CIS CSC Top 20, COBIT5, ITIL, FERC/ NERC, NIPSOM, and UL 2900.

The site is also popular for proof of concept (POC) / product evaluations to compare efficacy of competing solutions like Symantec, McAfee, Digital Guardian, Forcepoint, Fidelis to name some of the most popular.

The tests on this site challenges the ability for an organization to prevent and detect sensitive data leaks.

The most common data exfitration methods are: user error, unsecure business processes, shadow IT, insider threats, IOT, compromised assets, malware & bot based data theft.		  




Medical industry DLP challenges (6 min)

---ads here to fund our site, please turn ad blockers off---

*** Try the new DLP threshold testing "Mega Test" ***

Test 1: POST to a web page -the most common way data is leaked

Test 2: GET from a web page -the hardest leak to detect

Test 3: File Upload -how large data leaks happen

Test 4: Email -most common accidental leaks


---ads here to fund our site, please turn ad blockers off---
  Test Data: sample-data.csv     sample-data.pdf     sample-data.xls     Page


  
     
  The above tests are designed to determine the effectiveness of a Data Loss Prevention (DLP) solutions. This site is commonly used for the following;
  

  • DLP Tuning

  • Data Risk Assessments

  • DLP systems health and ROI check

  • DLP upgrade and implementation

  • DLP Solution selection

  • CASB DLP Testing

  • UEBA -Behavioral analytics tuning

  • Critical Asset Protection testing

 

 
 

---ads here to fund our site, please turn ad blockers off---

Donate to help build free tools: donations help to pay the bills

---ads here to fund our site, please turn ad blockers off---

Free expert DLP help from top experts

 

 

Have data security questions? Want expert advice? Just want to say hello or give suggestions?

Please use the form to instantly message our team.
Name:  
Email:  
Phone:  
Message:

---ads here to fund our site, please turn ad blockers off---

---ads here to fund our site, please turn ad blockers off---
 


2020 IGNITE Cyber Security