[Oisf-users] Data loss prevention using suricata

Chintagunta, Murali Mohan Chakravarthy (HPUX-Network Security) murali-mohan.chakravarthy at hp.com
Tue Jul 9 16:28:12 UTC 2013

Hello All,

Have a question on application of suricata for DLP (data loss prevention).

As l now understand that, suricata has visibility to layer 7 using its HTP library. It can also do file extraction and identification.

The question is, if it is possiable to write rules to prevent my files in different locations like SAN or SMB  or local disks getting  transferred out of my network.

To be specific, can I prevent bad guys stealing my files from my environment by writing specific suricata rules.

Can any one give a example of the rule.

Thanks a lot

More information about the Oisf-users mailing list