Security Intermediate

What is Data Loss Prevention (DLP)?

A strategy and set of tools that detect and prevent unauthorized transmission of sensitive data outside an organization.

DLP systems monitor and control data movement across networks (network DLP), on endpoints (endpoint DLP), and in cloud services (cloud DLP). They identify sensitive data (credit cards, SSNs, health records) using pattern matching, keywords, and machine learning.

Actions include blocking transmission, encrypting data, alerting administrators, and quarantining files. DLP is required by regulations including GDPR, HIPAA, and PCI DSS. Implementation requires careful policy tuning to balance security with productivity.

Learn More About This Topic

SOC Analyst Fundamentals

Related reading

SOC Analyst Advanced: Incident Response & Forensics

Related reading

Ethical Hacking & Penetration Testing

Related reading

Related Terms

DDoS (Distributed Denial of Service)

An attack that floods a target server or network with traffic from multiple sources to overwhelm it and deny service to legitimate users.

CORS (Cross-Origin Resource Sharing)

A browser security mechanism that controls which web domains can access resources from another domain via HTTP requests.

A one-way function that converts input data into a fixed-size string of characters, used for data integrity and password storage.

Penetration Testing

An authorized simulated cyberattack on a system to evaluate its security defenses and identify vulnerabilities.

Configuration entries that define which network traffic is allowed or blocked based on source, destination, port, and protocol.

Supply Chain Attack

A cyberattack that targets less-secure elements in the software supply chain to compromise downstream users and organizations.

View All Security Terms →