You know that data loss prevention (DLP) system you count on to keep private and sensitive information from leaking outside the organization? It may well contain security bugs of its own, according to new research that will be presented next week at Black Hat USA in Las Vegas.
Security researchers Zach Lanier and Kelly Lum staged a bakeoff of sorts to study the actual security of these security tools and found a plethora of common security vulnerabilities such as cross-site scripting and cross-site request forgery, to name a few. Lanier, who is a senior security researcher at Duo Security, provides a sneak-peek at some of the surprising weaknesses in DLP product administrative and programmatic interfaces, as well as in their inspection engines.
So register now and listen to a fascinating interview on "Data Loss Prevention (DLP) FAIL." Have additional questions for our guest? Share them in the comments section below.