DLP Validation and Testing

 please contribute by turning off ad blockers for this site 

Your public IP address is:; more info

Updated 3/10/2020


SSL is: off ; more info

DLP Auditor


GET Test

Upload Test

Email Test

FTP Testing

Session Info

About DLT

Data Loss Prevention (DLP) Self Tests

Built by Engineers for Engineers


How to use this site; DLP PHI Testing (23 min)

Test all browser based data leaks here!

Data Fact: Web based data leaks happen through browser http "post", "file upload", or "get".

This site is for testing and tuning of DLP, CASB, and UEBA solutions. 

For Compliance and Data Security; test your policies and controls as required by most standards: to test & tune as part of a continuos improvement model.

The below tests challenge the ability for an organization to prevent and detect sensitive data leaks.

POST data to a web page
the most common way data is leaked
GET data to a web page
most commonly unchecked method of data loss
File Upload data leakage
most common for large data leaks
Email data leakage
most common for accidental data leaks
DLP threshold testing
Credit Cards, US SSN, Medical records, and Sample data pre loded and ready to instantly test increments of 1, 5, 10, and 30.
FTP Cloud Client extraction testing
Test data exfiltration over FTP leverging our external FTP testing client.

DLP for O365, Gmail, Box, DropBox, OneDrive, Gdrive, Teams, Slack and more!


  The most trusted DLP test site since 2011  


Most data leaks are sourced from Shadow IT or personal file storage, personal email, and personal chat apps. This type of leakage is what we test for on this site.

The other cause of large data breaches is ransomware and data stealing malware that executes as the user. The large majority of these threats come through fraudulent email. Test email fraud defenses at

Another is a direct attack on cloud apps or physical infrastructure. Direct attack is risky and difficult for an attacker and relatively rare.

By preventing your data from going to unknown destinations on the web you can  prevent shadow IT and data misuse. Use this site to test all of the different ways data can be leaked to an untrusted destination.



There are 2 major ways data is leaked;

1) Internal Theft (Users being users)

     a. Sending Data where it should not go

   b. Tricked into sending Data where it should not go

2) External theft (Bad people being bad)

     a. Attacking the user (see item 1)

     b. attacking infrastructure



As outlined above, data risk is mostly from users and sometimes "bad actors". The bottom line is; if you can prevent an "insider" from misusing the data then an attacker or malware will also be under the same data constraints


Federal agencies and Enterprises of all sizes use this site to test the ability to leak or exfiltrate sensitive data by uploading data out to servers.

This site is also used by these agencies for mandatory DLP solution validation for Governance, Risk, and Compliance (GRC) frameworks such as: HIPAA, PCI DSS, ISO 27002, NIST 00-53, CIS CSC Top 20, COBIT5, ITIL, FERC/ NERC, NIPSOM, and UL 2900.

The site is also popular for proof of concept (POC) / product evaluations to compare efficacy of competing solutions like Symantec, McAfee, Digital Guardian, Forcepoint, Fidelis to name some of the most popular.

The tests on this site challenges the ability for an organization to prevent and detect sensitive data leaks.

The most common data exfitration methods are: user error, unsecure business processes, shadow IT, insider threats, IOT, compromised assets, malware & bot based data theft.

Medical industry DLP challenges (6 min)

---ads here to fund our site, please turn ad blockers off---

*** Try the new DLP threshold testing "Mega Test" ***

Test 1:
POST to a web page -the most common way data is leaked

Test 2: GET from a web page -the hardest leak to detect

Test 3: File Upload -how large data leaks happen

Test 4: Email -most common accidental leaks

---ads here to fund our site, please turn ad blockers off---

  Test Data: sample-data.csv     sample-data.pdf     sample-data.xls     Page

  The above tests are designed to determine the effectiveness of a Data Loss Prevention (DLP) solutions. This site is commonly used for the following;
  • DLP Tuning

  • Data Risk Assessments

  • DLP systems health and ROI check

  • DLP upgrade and implementation

  • DLP Solution selection

  • CASB DLP Testing

  • UEBA -Behavioral analytics tuning

  • Critical Asset Protection testing




---ads here to fund our site, please turn ad blockers off---

Donate to help build free tools: donations help to pay the bills

---ads here to fund our site, please turn ad blockers off---

Free expert DLP help from top experts



Have data security questions? Want expert advice? Just want to say hello or give suggestions?

Please use the form to instantly message our team.

---ads here to fund our site, please turn ad blockers off---

---ads here to fund our site, please turn ad blockers off---


2020 IGNITE Cyber Security