Data Loss Prevention Testing Suite

Validate your DLP solution's effectiveness across all protection vectors. Test data in motion, data in use, and data at rest.

Data in MotionData in UseData at Rest

DLP Testing Categories

Data Loss Prevention is traditionally divided into three categories. Use the tools below to test each vector of your DLP deployment.

Data in Motion

Test your DLP solution's ability to monitor and block sensitive data transmitted over the network via HTTP, HTTPS, FTP, and SMTP.

Data in Use

Validate endpoint DLP agents can detect sensitive data being copied, pasted, printed, or screen-captured on user workstations.

🗃

Data at Rest

Test discovery scanning with synthetic sensitive data files, and classify content to identify PII, PCI, PHI, and custom patterns.

DLP Tools

Utilities for testing, validating, and configuring DLP solutions.

.*

Regex Pattern Tester

Test and validate DLP detection patterns against sample data. Includes common presets for SSN, credit cards, emails, and more.

Open Tool

Email Header Analyzer

Analyze email headers for SPF, DKIM, and DMARC authentication results. Trace message routing and identify security issues.

Open Tool
#

File Hash Generator

Generate MD5, SHA-1, and SHA-256 hashes for files. Useful for exact data matching (EDM) and fingerprinting tests.

Open Tool

How to Use This Site

1

Configure Your DLP

Set up your DLP solution in monitor mode first. Create policies to detect PII, PCI, PHI, and other sensitive data types.

2

Run Tests

Use the testing tools to attempt transmitting sensitive data via HTTP POST, email, FTP, clipboard, and other channels.

3

Verify Detection

Check your DLP console to confirm incidents were created. Validate that the correct policies triggered and data was classified properly.

4

Switch to Block Mode

Once detection is verified, enable blocking mode and re-run the tests to confirm your DLP solution actively prevents data exfiltration.

Supported Data Types

PII — Personally Identifiable Information

Social Security Numbers, Names, Dates of Birth, Addresses, Phone Numbers, Driver's License Numbers

PCI — Payment Card Industry

Credit Card Numbers (Visa, MC, Amex, Discover), CVV Codes, Expiration Dates, Cardholder Names

PHI — Protected Health Information

Medical Record Numbers, Health Plan IDs, Diagnosis Codes, Patient Names, Treatment Records

Financial Data

Bank Account Numbers, Routing Numbers, SWIFT/BIC Codes, IBAN Numbers, Tax IDs

Credentials & Secrets

API Keys, Access Tokens, Connection Strings, Private Keys (for detection testing only)

Custom / Intellectual Property

Source Code Keywords, Proprietary Document Markers, Classification Labels, Custom Regex Patterns