|
Data Loss Prevention (DLP) Self Tests
Built by Engineers for
Engineers
|
|
Test all browser based
data leaks
here!
Data Fact: Web based data leaks happen through
browser http "post", "file upload", or "get".
| |
|
|
| |
DLP threshold
testing
Credit Cards, US SSN, Medical
records, and Sample data pre loded and redy to instantly
test increments of 1, 5, 10, and 30. |
|
| |
The most trusted DLP test site since 2011 |
|
| |
Most data leaks are sourced
from Shadow IT or personal file storage, personal email,
and personal chat apps. This type of leakage is what we test
for on this site.
The other cause of large
data breaches is ransomware and data stealing malware
that executes as the user. The large majority of these
threats come through fraudulent email. Test email fraud
defenses at
emailSpoofTest.com
Another is a direct attack
on cloud apps or physical infrastructure. Direct
attack is risky and difficult for an attacker and
relatively rare.
By preventing your data
from going to unknown destinations on the web you can
prevent shadow IT and data misuse. Use this site to test
all of the different ways data can be leaked to an
untrusted destination.
|
|
| |
There are 2 major ways data
is leaked;
1) Internal Theft (Users being users)
a. Sending Data where it should not go
b. Tricked
into sending Data where it should not go
2) External theft (Bad
people being bad)
a.
Attacking the user (see item 1)
b.
attacking infrastructure
|
|
| |
As you can see by the above
breakdown, data risk is mostly from users and sometimes
"bad actor". The bottom line is; if you can prevent an "insider" from misusing the data then an attacker
or malware will also be under the same data constraints
|
|
| |
|
|
| |
Federal agencies and
Enterprises of all sizes use this site to test the ability to
leak or exfiltrate sensitive data by uploading data out to
dataleaktest.com servers.
This site is also used by these
agencies for mandatory DLP solution validation for Governance, Risk, and
Compliance (GRC) frameworks such as: HIPAA, PCI DSS, ISO 27002, NIST
00-53, CIS CSC Top 20,
COBIT5, ITIL, FERC/ NERC, NIPSOM, and UL 2900. br>
The site is also
popular for proof of concept (POC) / product evaluations to
compare efficacy of competing solutions
like Symantec, McAfee, Digital Guardian, Forcepoint, Fidelis to
name some of the most popular.
The tests on this site
challenges the ability for an organization to prevent and detect
sensitive data leaks.
The most common data exfitration
methods are: user error, unsecure business processes, shadow IT,
insider threats, IOT, compromised assets, malware & bot based
data theft. |
|
|
|
|
 |
|
 |
|
|
Test Data:
sample-data.csv
sample-data.pdf
sample-data.xls
Page
 |
|
| |
The above tests are designed to
determine the effectiveness of a Data Loss Prevention
(DLP) solutions. This site is commonly used for the following;
|
|
-
DLP Tuning
-
Data Risk Assessments
-
DLP systems health and ROI check
-
DLP upgrade and implementation
-
DLP Solution selection
-
CASB DLP Testing
-
UEBA -Behavioral analytics tuning
-
Critical Asset Protection testing
|
Donate to help build free tools:
donations help to pay the bills
Free expert DLP help! Contact us
instantly.
|
|
Have data security questions? Want expert advice? Just
want to say hello or give suggestions?
Please use the form to
instantly message our team.
|
|
