Data Loss Prevention - Group Therapy (Brandon Baker)

Short intro to Cloud Access Security Broker

Weak HTTPS encryption leads to data loss

Over a third (35%) of the world’s websites are still using insecure SHA-1 certificates despite the major browser vendors saying they’ll no longer trust such sites from early next year, according to Venafi.

Continue to read

Gartner Market Guide for File Analysis Software

Read: Market Guide for File Analysis Software

How to find out a user account for Outlook Web Access(Apps) incidents [Symantec DLP]

If you are using Web Prevent for monitor Outlook Web Access (OWA) traffic, you probably were unlucky to find out any user account information in such incidents.

Good news! After inspecting a "Message body" part of such incidents, I found out that it contains a string with user SID from Active Directory. Using this entry you can fetch any user's information from your Active Directory. 

And even better! You can use it in your Lookup Plugins as well. With a little trick. As you may know, Lookup Plugins can not directly deal with incident's attachments, message and so on. But if you leveraging any script language for Lookup Plugin, you can easily get around this limitation. There is another place where you can get any incident's component - Incident Reporting and Update API.

I prefer to write Lookup Plugins with Python for it's simplicity. If you do so, I recommend using SUDS to deal with API.

Download the Forrester report

Magic Quadrant for Enterprise Data Loss Prevention

Enterprise DLP continues evolving to support both content-aware and context-aware capabilities, as well as support for IT security leaders to cover broader deployment use cases beyond regulatory compliance and intellectual property protection.

Follow the link: Gartner, 2016

A practical approach to deploying Data Loss Prevention Jon Damratoski

Thwarting the Insider Threat: Developing a Robust “Defense in Depth” DLP...