Data Leak Test

Data Security Testing & Tuning

Test and tune; DLP, CASB, and UEBA solutions.

For Compliance and Data Protection; test and tune policies and controls as required by most frameworks & standards as part of a continuous improvement model.

Data Fact: Web based data leaks happen through browser http "post", "file upload", or "get".

The below tests challenge the ability for an organization to prevent and detect sensitive data leaks.

Select one of the tests below or pick from the navigation bar above

Test 1: POST the most common way data is leaked Post tests this month: 15171 Post leaks this month: 0 Post tests today: 39 Post leaks today: 0 35.173.234.169 tested 0 times and leaked data via post 0 times this month	Test 2: GET most commonly unchecked method of data loss Get tests this month: 2172 Get leaks this month: 0 Get tests today: 2 Get leaks today: 0 35.173.234.169 tested 0 times and leaked data via get 0 times this month
Test 3: File Upload most common for large data leaks File uploads this month: 865 File uploads today: 8 35.173.234.169 tested 0 files today and 0 uploads this month	Test 4: email data most common for accidental data leaks
DLP threshold auditing Credit Cards, US SSN, Medical records, and Sample data pre loaded and ready to instantly test increments of 1, 5, 10, and 30. Audits this month: 58 Audits today: 0 35.173.234.169 tested 0 times today and 0 times this month	FTP cloud client extraction testing Test data exfiltration over FTP leverging our external FTP testing client. FTP uploads this month: 159 FTP uploads today: 0 35.173.234.169 tested 0 files today and 0 files this month

Find stats for a specific IP:

---trusted partner test site---

----------------------
Fight ransomware and phishing
with our email fraud testing platform!

	DLP testing since 2011
	Most data leaks are sourced from Shadow IT or personal file storage, personal email, and personal chat apps. This type of leakage is what we test for on this site. The other cause of large data breaches is ransomware and data stealing malware that executes as the user. The large majority of these threats come through fraudulent email. Test email fraud defenses at emailSpoofTest.com Another is a direct attack on cloud apps or physical infrastructure. Direct attack is risky and difficult for an attacker and relatively rare. By preventing your data from going to unknown destinations on the web you can prevent shadow IT and data misuse. Use this site to test all of the different ways data can be leaked to an untrusted destination.
	There are 2 major ways data is leaked; 1) Internal Theft (Users being users) a. Sending Data where it should not go b. Tricked into sending Data where it should not go 2) External theft (Bad people being bad) a. Attacking the user (see item 1) b. attacking infrastructure
	As outlined above, data risk is mostly from users and sometimes "bad actors". The bottom line is; if you can prevent an "insider" from misusing the data then an attacker or malware will also be under the same data constraints

	Federal agencies and Enterprises of all sizes use this site to test the ability to leak or exfiltrate sensitive data by uploading data out to dataleaktest.com servers. This site is also used by these agencies for mandatory DLP solution validation for Governance, Risk, and Compliance (GRC) frameworks such as: HIPAA, PCI DSS, ISO 27002, NIST 00-53, CIS CSC Top 20, COBIT5, ITIL, FERC/ NERC, NIPSOM, and UL 2900. The site is also popular for proof of concept (POC) / product evaluations to compare efficacy of competing solutions like Symantec, McAfee, Digital Guardian, Forcepoint, Fidelis to name some of the most popular. The tests on this site challenges the ability for an organization to prevent and detect sensitive data leaks. The most common data exfitration methods are: user error, unsecure business processes, shadow IT, insider threats, IOT, compromised assets, malware & bot based data theft.