Security Intermediate

What is Data Loss Prevention (DLP)?

A strategy and set of tools that detect and prevent unauthorized transmission of sensitive data outside an organization.

DLP systems monitor and control data movement across networks (network DLP), on endpoints (endpoint DLP), and in cloud services (cloud DLP). They identify sensitive data (credit cards, SSNs, health records) using pattern matching, keywords, and machine learning.

Actions include blocking transmission, encrypting data, alerting administrators, and quarantining files. DLP is required by regulations including GDPR, HIPAA, and PCI DSS. Implementation requires careful policy tuning to balance security with productivity.

Learn More About This Topic

SOC Analyst Fundamentals

Related reading

SOC Analyst Advanced: Incident Response & Forensics

Related reading

Ethical Hacking & Penetration Testing

Related reading

Related Terms

A one-way function that converts input data into a fixed-size string of characters, used for data integrity and password storage.

CSRF (Cross-Site Request Forgery)

An attack that tricks authenticated users into submitting unwanted requests to a web application they are logged into.

JWT (JSON Web Token)

A compact, self-contained token format used for securely transmitting information between parties as a JSON object.

Two-Factor Authentication (2FA)

A security method requiring two different forms of identification before granting access to an account.

DDoS (Distributed Denial of Service)

An attack that floods a target server or network with traffic from multiple sources to overwhelm it and deny service to legitimate users.

The process of converting readable data into an unreadable format using algorithms, reversible only with the correct key.

View All Security Terms →