Why use dlptest.com?

DLPTest.com is a testing resource for testing data loss prevention (DLP) software to test functionality. If DLP has been installed and configured correctly, DLP Test can demonstrate that sensitive data is protected when DLP is in blocking mode. Data loss prevention has traditionally been divided into three categories: Data in Use (DIU), Data at Rest (DAR), and Data in Motion (DIM). DLPTest.com currently offers features to test Data in Use and Data in Motion.

What is Data Loss Prevention?

​Data loss prevention (DLP) is a strategy or set of technologies designed to prevent sensitive or confidential data from being disclosed, shared, or used in unauthorized ways or violating an organization’s policies. DLP technologies can include software, hardware, or a combination of both.

DLP can identify, classify, and protect data based on sensitivity and can be configured to take different actions when sensitive data is detected. For example, a DLP solution might prevent an email from being sent if it contains sensitive information, alert an administrator when sensitive data is accessed or copied, or encrypt data to prevent unauthorized access.

Organizations often use DLP to comply with regulations, such as data privacy laws or protect sensitive business information. It is an essential aspect of data security and is used to prevent data breaches and protect against data theft.

Data In Use Details (Endpoint DLP)

Data In Use, also known as Endpoint DLP, involves installing an endpoint agent on user computers. The agents can be installed on laptops, desktops, and virtual desktops such as Citrix VDI. Once the endpoint agent has been installed, the DLP software can be configured to monitor various channels for sensitive data. These channels may include USB transfers, CD/DVD burning, data movement from network shares, web browsers (such as Edge, Chrome, and Firefox), FTP transfers, and cloud storage. Different DLP vendors may offer various sets of supported channels for monitoring.

Data In Motion Details (SSE and SASE)  

Data In Motion refers to the ability to monitor traffic on a network, including protocols such as HTTP, HTTPS, FTP, and SMTP. This type of DLP is typically divided into three modules to integrate with different areas of the network. The first module is the network monitor, which typically requires a physical server due to limitations with virtual network cards. The network monitor uses a SPAN port or network tap to monitor traffic. Network monitors have faded out since most network traffic is encrypted and only has monitor-only abilities. To monitor outbound email traffic, the DLP email MTA sits between the email router (such as Exchange) and the edge MTA (mail gateway). Many edge MTA solutions and even Microsoft and Google now include DLP features. ICAP DLP integrates with a web proxy using the ICAP protocol to monitor HTTP, HTTPS, and FTP traffic. A modern approach involves incorporating DLP into a secure service edge (SSE) solution, which monitors all user traffic, regardless of the location. SSE with DLP allows organizations to protect sensitive data as it moves across the network, whether users are accessing it from within the organization’s premises or remotely.

Stay Informed with DLP Test: Your Source for the Latest Data Security Vendor Insights, Trends, and News

The Hard Truth About DLP: Why Endpoint Agents Are Essential

Jul 31, 2025

Introduction: Agentless Sounds Great, But In recent years, a wave of agentless data protection solutions has promised to secure data without the headaches of endpoint agents. It's an attractive proposition; who wouldn’t want to avoid deploying software on thousands of laptops? I’ve heard many security teams ask, “Can’t we do data loss prevention (DLP) with APIs alone?” Having been in the data protection trenches, I understand the appeal. Agents can be a pain. Deployment is tedious, upgrades can break things, and users certainly complain if an agent slows their machine. It’s no wonder that some newer approaches, like Data Security Posture Management (DSPM), tout “no agents required.” But here’s the hard truth: if you want real DLP and effective insider risk protection, an endpoint agent is non-negotiable. Agentless approaches have their place (e.g., discovering cloud data or checking configurations), but they leave critical blind spots. In this post, I’ll explain why endpoint agents...

read more

The data protection platform race is on!

Oct 17, 2024

Throughout 2023 and early 2024, I spoke at conferences and ISSA chapter meetings about the "Evolution of Data Protection" (a copy of that presentation is here). I made two primary predictions about how the data protection landscape would transform over the next few years. What I didn't know was that it would happen so quickly, so let's break it down. Data Discovery Platforms, aka Data Security Posture Management (DSPM) In the last five years, significant changes have required data discovery innovation. Ramping compliance standards, GDPR in 2018, and CCPA in 2020, then expanded to many states and countries from 2020. Migration to Cloud and SaaS was well underway, but in 2020, COVID-19 increased the adoption of more SaaS apps, including many that contain sensitive data. Management became challenging with sensitive data being moved into these SaaS apps and all the new settings. These changes led to a space that needed innovation. Some innovative vendors in the data discovery field...

read more

Cyera Raises $400M to Meet Rapidly Growing Demand for AI Security Among Enterprises

Jan 26, 2026

Cyera, the industry’s leading AI and data security company, has announced a $400 million Series F funding round led by Blackstone. This latest raise brings Cyera’s total funding to over $1.7 billion and triples the company’s valuation to $9 billion in just one year—solidifying its position as one of the top-funded security startups in the world. Why This Matters: Securing the Agentic AI Frontier As enterprises transition from simple generative AI to more autonomous agentic AI, the risk surface is expanding faster than traditional tools can manage. IDC’s recent predictions suggest that by 2030, up to 20% of G1000 organizations will face disruptions due to poor AI agent governance. Cyera’s platform is designed to close this gap by ensuring speed doesn't outpace safety. Cyera’s mission is to provide the "cornerstone of enterprise trust." By converging Data Security Posture Management (DSPM), Data Loss Prevention (DLP), and identity into a unified, AI-native platform, they allow...

read more

Bedrock Data Raises $25M Series A to Accelerate AI-Native Data Security Platform

Dec 10, 2025

Bedrock Data, a fast-rising provider in the data security posture management (DSPM) space, has announced a $25 million Series A funding round led by Greylock Partners, with participation from Mangusta Capital, Mantis Venture Capital, Pier 88 Investment Partners and others. The investment marks a major milestone as enterprises race to secure data across increasingly complex cloud and AI ecosystems. Why This Matters: Data Security Is Being Rewritten for the AI Era As organizations adopt foundation models, agentic AI, and massive-scale cloud architectures, traditional security tools built around perimeters, identities, and infrastructure can no longer keep up. Bedrock Data’s 2025 Enterprise Data Security Confidence Index highlights this gap, revealing that 82% of cybersecurity leaders struggle to find and classify organizational data. Bedrock Data’s platform tackles this challenge with its Metadata Lake, a continuously updated graph that discovers, classifies, and contextualizes data...

read more

Teleskope Raises $25M to Bring Human-Level Intelligence to Data Security

Nov 11, 2025

Teleskope, a company pioneering “agentic” data security for the AI era, has raised $25 million in Series A funding led by M13, with continued backing from Primary Venture Partners and Lerer Hippeau, bringing its total funding to $32.2 million. The funds will fuel product innovation, expansion, and go-to-market growth as Teleskope accelerates adoption of its agentic data security platform—the first of its kind designed to operate like a human security team at scale. Teleskope’s platform autonomously discovers, classifies, and protects sensitive data across cloud, SaaS, and hybrid environments. It uses a multi-stage AI pipeline to understand context, apply company-specific policies, and automatically detect, prioritize, and remediate risk in real time. This “human-like” intelligence allows organizations to protect data proactively while confidently adopting AI technologies. Founder and CEO Elizabeth Nammour, a former Airbnb security engineer, created Teleskope after experiencing...

read more

Veeam Reportedly Nears $1.8B Acquisition of DSPM vendor Securiti AI

Oct 15, 2025

Data protection giant Veeam is reportedly in advanced talks to acquire AI security and data security posture management firm Securiti for $1.8 billion, according to Bloomberg. The move would mark Veeam’s largest acquisition to date and accelerate its shift from traditional backup and recovery toward full-scale cybersecurity. The deal follows a surge in valuations across the data protection market, fueled by rising enterprise spending on AI and data resilience. Rivals Rubrik and Commvault have both seen major valuation gains, and Veeam itself reached a $15B valuation after a $2B funding round in late 2024. Founded in 2019 and led by Rehan Jalil, Securiti has earned top rankings from Forrester and IDC for its AI-driven data discovery, privacy, and security capabilities. Securiti AI's revenue was $75.9 million in October 2024, about 23 times its 2024 revenue. If finalized, the acquisition would significantly expand Veeam’s cybersecurity portfolio and position it strongly ahead of a...

read more

Concentric AI Acquires Data Security Technologies Swift Security and Acante

Jul 2, 2025

Concentric AI has announced the acquisition of two AI-driven security startups, Swift Security and Acante, to enhance its data security governance platform. This strategic move aims to unify data security posture management (DSPM), data loss prevention (DLP), and generative AI (GenAI) governance across various data types and environments. Key Highlights: Expanded Capabilities: The integration of Swift Security and Acante technologies allows Concentric AI to extend its protections across multiple GenAI use cases, securing enterprise data at rest, in motion, and in use. Monitoring Public GenAI Tools: With Swift Security's technology, Concentric AI can now monitor and prevent data exfiltration across public GenAI tools such as ChatGPT, ensuring effective data security governance of proprietary GenAI workloads. Enhanced Data Governance: The acquisitions bolster Concentric AI's Semantic Intelligence platform, facilitating comprehensive discovery, categorization, classification, risk...

read more

Ad:

Cyberhaven Ad

Frequently Asked Questions

How to run a FTP Upload (FTP PUT)

Windows does not support passive FTP so you need a 3rd party app like FileZilla and you can use this profile. https://dlptest.com/DLP_Test_FTP_FileZilla.xml . The error on Windows when trying to upload data is FTP – 500 I won’t open a connection to

Here are the steps for MacOS or Linux

  1. Open terminal for Mac
  2. Change to the location of the test files example:

cd /Users/user1/Downloads

  1. Connect to the DLPTest.com FTP Server

ftp ftp.dlptest.com -p

  1. Use the following username and password

User: dlpuser@dlptest.com

Password: Refer to this page for the newest password https://dlptest.com/ftp-test/

  1. Run a put to upload the test file

put testdoc.docx

How to complete an initial test on Email Prevent
  1. Compile a list of the Exchange and edge MTA IP Addresses
  2. Within the edge MTA settings update the Allow Relay and add in the new DLP Email Prevent IP Addresses
  3. Within the DLP Email Prevent configuration make sure to setup the forward address to the MTA IP Address, add in the allow relay to only allow Exchange to send to Email Prevent, and validate the port to accept and relay are correct (25 is most cases)
  4. On Exchange create a new send connector to point to a test domain in which a test email address is hosted. Example the send connector could be for gmail.com and all email sent to Gmail would go through Email Prevent
How to test Web Prevent with dlptest.com
  1. Validate that the proxy is setup to send all PUT/POSTS to the Web Prevent servers via ICAP
  2. Validate that the browser on the test workstation is being filtered by the proxy
  3. Enable a test social security number and credit card number policy
  4. Copy the sample test data for the dlptest googletest.com/sample-data page
  5. Post to sample test data on the dlptest googletest.com/http-post and dlptest.com/https-post
  6. The last recommendation is run through the testing first in a monitor mode and then turn on blocking and run through the testing again
How to test an Email Prevent server
  1. If Email Prevent is already in production you can follow the next steps without any issue, if Email Prevent is not in production follow the steps for initial Email Prevent testing
  2. Enable a test social security number and credit card number policy
  3. Copy the sample test data for the dlptest.com/sample-data page
  4. Created a text or Word document with the sample data and upload the text or Word document to dlptest.com/ftp-post
  5. Run a few email tests to an external email address to validate incidents are created when the sample data is in attachments and within the email body
  6. The last recommendation is run through the testing first in a monitor mode and then turn on blocking and run through the testing again
How to test a Network Monitor with dlptest.com
  1. Validate that the Network Monitor is see both HTTP and FTP traffic by looking a traffic stats
  2. Enable a test social security number and credit card number policy
  3. Copy the sample test data for the dlptest googletest.com/sample-data page
  4. Post to sample test data on the dlptest.com/http-post googletest
  5. Created a text or Word document with the sample data and upload the text or Word document to ftp://ftp.dlptest.com/24_Hour/. If you are not sure how to complete an FTP Upload, there is another FAQ below for this action.
  6. Network Monitor is a monitor only device so you are unable to test block
  7. If you are not seeing incidents troubleshooting can be done by running a Wireshark capture on the Network Monitor to validate the correct traffic is being seen
How to test Data-In-Use (Endpoint) with dlptest.com
  1. Enable monitoring web browsers and FTP transfer channels
  2. Enable a test social security number and credit card number policy
  3. Copy the sample test data for the dlptest.com/sample-data page
  4. Post to sample test data on the dlptest.com/http-post and dlptest.com/https-post
  5. Created a text or Word document with the sample data and upload the text or Word document to ftp://ftp.dlptest.com/24_Hour/. If you are not sure how to complete an FTP Upload, there is another FAQ below for this action.
  6. The last recommendation is run through the testing first in a monitor mode and then turn on blocking and run through the testing again

Subscribe to Updates

Privacy Policy - Terms and Conditions