Data Loss Prevention Testing Suite

Validate your DLP solution's effectiveness across all protection vectors. Test data in motion, data in use, and data at rest.

Data in Motion Data in Use Data at Rest

DLP Testing Categories

Data Loss Prevention is traditionally divided into three categories. Use the tools below to test each vector of your DLP deployment.

Data in Motion

Test your DLP solution's ability to monitor and block sensitive data transmitted over the network via HTTP, HTTPS, FTP, and SMTP.

Data in Use

Validate endpoint DLP agents can detect sensitive data being copied, pasted, printed, or screen-captured on user workstations.

🗃

Data at Rest

Download sample files containing synthetic sensitive data to test discovery scanning on endpoints, file servers, and cloud storage.

DLP Tools

Utilities for testing, validating, and configuring DLP solutions.

.*

Regex Pattern Tester

Test and validate DLP detection patterns against sample data. Includes common presets for SSN, credit cards, emails, and more.

Open Tool
🔎

Data Classifier

Paste text and automatically identify sensitive data types present - PII, PCI, PHI, credentials, and custom patterns.

Open Tool
📊

DP Solution Composer

Toggle data protection products and features to see live coverage across channels and data types.

Open Tool
📄

Policy Generator

Generate DLP policy configurations for common platforms including Microsoft Purview, Symantec, Forcepoint, and more.

Open Tool
📝

Policy Builder / Interpreter

Build and interpret DLP policies for Digital Guardian, DCS Policy Manager, Titus, and generic formats.

Open Tool
#

File Hash Generator

Generate MD5, SHA-1, and SHA-256 hashes for files. Useful for exact data matching (EDM) and fingerprinting tests.

Open Tool

How to Use This Site

1

Configure Your DLP

Set up your DLP solution in monitor mode first. Create policies to detect PII, PCI, PHI, and other sensitive data types.

2

Run Tests

Use the testing tools to attempt transmitting sensitive data via HTTP POST, email, FTP, clipboard, and other channels.

3

Verify Detection

Check your DLP console to confirm incidents were created. Validate that the correct policies triggered and data was classified properly.

4

Switch to Block Mode

Once detection is verified, enable blocking mode and re-run the tests to confirm your DLP solution actively prevents data exfiltration.

Supported Data Types

PII - Personally Identifiable Information

Social Security Numbers, Names, Dates of Birth, Addresses, Phone Numbers, Driver's License Numbers

PCI - Payment Card Industry

Credit Card Numbers (Visa, MC, Amex, Discover), CVV Codes, Expiration Dates, Cardholder Names

PHI - Protected Health Information

Medical Record Numbers, Health Plan IDs, Diagnosis Codes, Patient Names, Treatment Records

Financial Data

Bank Account Numbers, Routing Numbers, SWIFT/BIC Codes, IBAN Numbers, Tax IDs

Credentials & Secrets

API Keys, Access Tokens, Connection Strings, Private Keys (for detection testing only)

Custom / Intellectual Property

Source Code Keywords, Proprietary Document Markers, Classification Labels, Custom Regex Patterns