DLP Policy Testing Tool

Use this tool to safely check if your DLP solution is configured and functioning correctly. Try it with your own data, or use our sample PII and payment card data. If your upload is successful, then your DLP policy is not functioning correctly and your endpoint is at risk of data egress.

Test HTTPS Post

A request method supported by the HTTPS protocol for submitting filled-in forms, updating databases, and uploading files to the server. Sensitive data can be lost when completing a web form or uploading a file to a web server. Check to see if your DLP policies are able to block this type of action.

Insert data in the text box

  1. Insert data into the box below and then click "POST TEST" to attempt leakage
  2. A results page will display if any data is leaked
     

Sample data

John Reyes / 660-03-8360 / 9/18/1975
John / Smith / 95126 / 1916-4034-9269-8783
Karen / Perez / 6/14/1975 / KarenWhite@hotmail.com
* We do not store any data from your HTTPS posts.

Your post was successful! If you were trying to block this action via DLP the policy did not work correctly.

Retry Test

Your post was blocked, great job!

Retry Test

File Upload method [10MB max]

  1. Upload a DLP test File to test for leakage
  2. Results will be shown immediately. Data is stored on a web server then deleted automatically.

Sample data

Choose a file or drag it here
File size limit exceeded (5 Mb)
Total file number exceeded
Please add at least one file
Something went wrong. Please reload the page and try again.
Please select at least one of the checkboxes in order to continue.
* We do not store any data from your HTTPS posts.

Your file upload was successful! If you were trying to block this action via DLP the policy did not work correctly.

Retry Test

Your file upload was blocked, great job!

Retry Test

NOTE: HTTPS Post is a request method supported by the HTTPS protocol for submitting filled-in forms, updating databases, and uploading files to the server.

Test HTTP Post

A request method largely implemented in HTML files for submitting filled-in forms, updating databases, and uploading files to the server. Sensitive data can be lost when completing a web form or uploading a file to a web server. Check to see if your DLP policies are able to block this type of action.

Insert data in the text box

  1. Insert data into the box below and then click "POST TEST" to attempt leakage
  2. A results page will display if any data is leaked
     

Sample data

John Reyes / 660-03-8360 / 9/18/1975
John / Smith / 95126 / 1916-4034-9269-8783
Karen / Perez / 6/14/1975 / KarenWhite@hotmail.com
* We do not store any data from your HTTP posts.

Your post was successful! If you were trying to block this action via DLP the policy did not work correctly.

Retry Test

Your post was blocked, great job!

Retry Test

File Upload method [10MB max]

  1. Upload a DLP test File to test for leakage
  2. Results will be shown immediately. Data is stored on a web server then deleted automatically.

Sample data

Choose a file or drag it here
File size limit exceeded (5 Mb)
Total file number exceeded
Please add at least one file
Something went wrong. Please reload the page and try again.
Please select at least one of the checkboxes in order to continue.
* We do not store any data from your HTTP posts.

Your file upload was successful! If you were trying to block this action via DLP the policy did not work correctly.

Retry Test

Your file upload was blocked, great job!

Retry Test

NOTE: HTTP Post is a request method supported by the HTTP protocol for submitting filled-in forms, updating databases, and uploading files to the server.

FTP Test

FTP is an unsecure way to transfer files and does not meet compliance requirements of data protection standards. Data sent via File Transfer Protocol (FTP) can be vulnerable. Check to see if your DLP policy blocks FTP uploads.

Our Public FTP test site info is below and can be used to upload test DLP files. The files will only be stored for 2 minutes before being deleted.

FTP URL: dlptest.endpointprotector.com or ftp://dlptest.endpointprotector.com

FTP User: eppdlp

FTP Password: Hx4V7=TEarJ3W?mJb6Wtb

FileZilla Profile: https://dlptest.endpointprotector.com/FTP_Test_FileZilla.xml

Frequently Asked Questions

Testing DLP policies

Data Loss Prevention solutions help to prevent sensitive data from being lost beyond your organizational controls. In many cases, the loss of data such as PII, PHI and payment card data can result in regulatory fines and reputational damage, so it’s important to ensure your DLP policies are configured correctly. Use this tool to check whether your policies are configured correctly and able to prevent data egress from the endpoint.

What is a DLP policy?

Data Loss Prevention solutions rely on a set of policies to determine how, and when certain data types can be shared or moved by employees. DLP policies are typically built around the types of data that you want to protect (e.g. PII, PHI, PCI data), and the exit points that are monitored for potential exfiltration. These can then be applied to individual computers, users, groups, or at a company-wide level.

How does the DLP Testing Tool work?

You can use this tool to evaluate whether your DLP policies are performing as expected across endpoints (please ensure that your policies are set to “block”). DLP solutions such as Endpoint Protector can prevent data exfiltration from a number of different exit points - spanning removable USB storage, printers, Bluetooth connections, email, cloud uploads and more. For simplicity, this DLP testing tool monitors file uploads through HTTPS, HTTP and FTP protocols. These are common protocols for submitting forms, and uploading files to a server or cloud storage.

Why use the DLP Testing Tool?

The purpose of a DLP policy is to prevent the unauthorized exfiltration of sensitive data. If policies are not correctly configured, or if your DLP solution is not correctly installed, then they can fail. This can put your data at risk of accidental loss, or theft, or a wider data breach. This tool can help to validate new, or revised policies, and ensure you are meeting your data compliance obligations.

What type of data can I test?

Security is important to us. So, to make things easy, we have included sample PII, and payment card data. We highly recommend that you do not share your own live / production data. Please note that data sent through the form is not processed, nor stored on our servers; and files uploaded through the form are automatically deleted after the POST command executes. Files uploaded through FTP are automatically deleted after 2 minutes.

What if the DLP test fails?

If you were able to successfully post data using the DLP Testing Tool, it’s important to check your DLP policy configuration and try again. If you would like to evaluate Endpoint Protector as an alternative to your existing DLP solution, please request a demo.