(As presented by Zach Lanier and Kelly Lum at Black Hat Asia 2016)
Despite a plethora of data security and protection standards and certifications, companies and their systems are still leaking information like a sieve. For instance, Data Loss Prevention (DLP) solutions have often been touted as the "silver bullet" that will keep corporations from becoming the next headline. With deployment models ranging from a fat agent on an endpoint, to a blinky-lights box surveilling all network traffic, to some unified threat management gateway with DLP secret sauce, these solutions are ripe for bypass -- or worse.
This talk will discuss our previous and current research into a handful of DLP solutions, including their capabilities and their shortcomings. We will demonstrate flaws in administrative and programmatic interfaces and the inspection engines themselves.