MyDLP Blog

open source data leak prevention

Presenting DLP in SaaS model

without comments

As you can see from our previous blog post, we are now developing multi-user version of MyDLP in order deliver product to customer in SaaS model. When working on this task, we have encountered several conceptual challenges.

For example; Network-based DLP solutions should inspect all relevant traffic in order to prevent sensitive data leakage, but in Security-as-a-Service model, applications run on cloud computing data centers. So, situation enforces administrators to redirect all traffic to cloud servers and this was never a good idea because of duplicate bandwidth usage on both client line and server line.

Now, what we should do? What is the solution?

Solution is already presented by several authors. Answer is hybrid SaaS model. An application server runs in the internal network, proxies whole external traffic and sends critical parts to services on clouds for leak prevention analysis.

We have worked on this concept and tried to think of a way to use MyDLP in this model and let me tell you MyDLP was already ready for this model and the answer what we were looking for was ICAP.

In next blog post, I will talk about ICAP and our SaaS model implementation…

Written by kerem

October 21st, 2010 at 1:51 pm

Posted in SaaS

MyDLP SaaS

without comments

Data leak protection is a common concern for all companies nowadays. However not all companies have enough budget to conduct an inbound DLP system. Nowadays, MyDLP developers are working to convert MyDLP to a SaaS.

According to many researches, tunneling all outgoing network traffic to a SaaS is not a desirable solution. Because of this, MyDLP is going to integrate with your present web proxies such as Squid, WebSense and Nginx with ICAP. By this way, with too little latency and traffic overhead companies will be able to solve their security and compliance issues.
Moreover, the only thing you have to do with e-mail filtering with MyDLP is just define MyDLP as next hop to your current e-mail server. Also with Exchange 2010 integration support your enterprise e-mails will be much more secure.
MyDLP will shortly release their SaaS product in open source. MyDLP is waiting for your support.

Written by burak

October 20th, 2010 at 8:16 am

Posted in Uncategorized

New Bayesian Classifier Engine for MyDLP

without comments

Previously, we have developed a Bayesian Classifier Engine with Java because of Turkish NLP (zemberek) dependency. But, this engine was introducing us some difficulties in many areas such as distribution, performance and maintenance.

But, a week ago we have decide to develop a very simple Turkish NLP module for MyDLP. This was a good decision because zemberek was too developed for us :) . We weren’t using most of its features and for every request we have to push a big binary through a thrift bridge. Also, large memory footprint of Java process was a disadvantage.

And now, we are using bayeserl with our own very simple Turkish NLP module. Moreover, results are more accurate and performance is improved.

Try it, use it.

Any comments and questions are very welcome.

Written by kerem

September 11th, 2010 at 6:22 pm

Posted in Data Identification

MyDLP Feature and Help Document Draft

without comments

You can reach draft version of MyDLP Feature and Help Documentfrom the link below. We are about to make a release for network part of MyDLP over Ubuntu.

http://downloads.medratech.com/help/help.html

Written by burak

September 6th, 2010 at 1:22 pm

Posted in Documents

MyDLP Windows Endpoint - First Release

without comments

MyDLP Windows Endpoint Data Leak Prevention tool has made its first release in today. This release is a test release for community. Please feel free to make any comments or submit bugs.

This release have a little probability to harm your computer. Because of this try it in your virtual machines.

Applicable platforms:

32 bit:
Windows XP/Vista/7

You can download and use MyDLP EP from this url:
http://github.com/mydlp/mydlp-host-win32/downloads

Usage and howto documents are going to be ready for a few days.

Central management over network features and several major bugfixes will be ready for the next release. However the most important thing is your opinions for us.

Written by burak

July 19th, 2010 at 9:57 am

Posted in MyDLP Endpoint,Releases

MyDLP Network

without comments

0.1.0 version of MyDLP have been released. You can access tarball from GitHub page.

Features of the release are listed here.

Also, some basic documentation had been added to wiki.

Comments, critics, recommendations, bug reports, feature requests are all welcome.

Written by kerem

July 5th, 2010 at 11:21 am

Posted in MyDLP Network,Releases

MyDLP Win32 Endpoint Features

without comments

This features are expected to be released in 2 weeks after final tests(16.07.2010).

Service

  • Contains a windows service to apply changes in configuration on the fly
  • Contains a file-system minifilter to scan copy, move or modify operations on removable devices on the fly
  • Filters all removable device activity against data leak
  • Filters and logs screen capture activities according to defined applications
  • Listens removable device attaches and CD/DVD insertion and run scans to detect critical data-at-rest
  • Sensitive file recognition according to file hash, regular expressions(UTF-8), predefined expressions (SSN, Credit Card Number, IBAN, TRId), encrypted archives
  • Filetypes: MS Office 2003, MS Office 2007, OpenOffice, PDF, PS, RTF
  • Filetype filtering for online scanning: Photoshop (PSD), Paintshop Pro (PSP), Autocad (DWG)
  • Screen capture filtering according to applications: Photoshop, Autocad, MS Office, OpenOffice, CorelDraw

    • GUI

  • System tray for easy management
  • Add or remove file md5
  • Add or remove UTF-8 regliar expression values
  • Predefined expressions (SSN, Credit Card, IBAN, TRId), minimum number definitions management
  • Local directory scan to detect data-at-rest
  • Local disk scan to detect data-at-rest
  • Add or remove excluded dirs for local scans
  • Define auto data-at-rest scan for removable devices on plug in
  • Define auto data-at-rest scan for CD/DVD on insertion
  • View logs for data-at-rest scans
  • Management of removable device on-line scanning (copy, move and modification) options for USB disks
  • Choose forbidden file-types for on-line scanning
  • View logs for removable device on-line scanning
  • Adjust screen capture filtering
  • Manage other options
  • English and Turkish language support

    • Written by burak

    July 3rd, 2010 at 3:13 pm

    Posted in Documents,MyDLP Endpoint

    What is MyDLP?

    without comments

    MyDLP is an easy-to-use network based data leak prevention tool. It is under heavy development and you can see MyDLP’s sources over http://github.com/mydlp. Project is licensed under GPLv3. Erlang/OTP is being used in development of MyDLP for concurrency, easy deployment and management.

    MyDLP’s main aims are:

    - Manage Information Flow
    - Detect leak

    - Block leak
    - Trusted logging
    - Support for logging with trusted 3rd parties
    - Formatted log for easy evaluation
    - Performance and Scalability
    - With Erlang/OTP concurrency is not a problem
    - Support for many protocols
    - HTTP, SMTP, POP3, IMAP, FTP, MSNMS, Jabber, SFTP, SSH, Telnet, etc…
    - HTTP support is under development now
    - SSL support for these protocols where applicable
    - Support for specialized protocol implementation
    First release for MyDLP will be released until 30 June 2010. Wait for it. We are coming and bringing a new aspect for data leak prevention!!!

    Written by burak

    May 6th, 2010 at 12:13 pm

    Posted in General

    Newer Entries »