Things I'de try:
- Send it over https (SSL out ftw)
- Common Image stego tools, embed that secret recipe right in the
company logo
- Change formats, does it detect the word doc but not the jpeg
screen shot of said doc?
Do all this using only the tools availible to your users, go out an
download encryption tools from a production build, bypass your proxy.
I try not to judge a tool based on it's capablity but the value it
adds to your environment. You may find that in order for that product
to add value you may have to implement other controls.
Encryption, Encodeing, and Stego are my perfered DLP product
attack vectors.
-- Allen Deryke
On Oct 22, 2009, at 11:38 AM, Brian Schultz <[email protected]>
wrote:
> Our security department is testing out Symantec's Vontu and I am
> playing the guinea pig and have to try and get documents out of our
> company's environment. I have a really basic understanding of how it
> works. It has a span port sitting and listening to all outgoing web
> traffic and there is also an agent that sits on desktops and watches
> to see if any sensitive information leaves via USB drive or e-mail.
>
> Does anyone have any whitepapers or info regarding how it actually
> works or any tactics I should try?
> _______________________________________________
> Pauldotcom mailing list
> [email protected]
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
