[Oisf-users] Data loss prevention using suricata
Chintagunta, Murali Mohan Chakravarthy (HPUX-Network Security)
murali-mohan.chakravarthy at hp.com
Tue Jul 9 16:28:12 UTC 2013
Hello All,
I have a question on the application of Suricata for DLP (data loss prevention).
As I now understand, Suricata has visibility into layer 7 using its HTP library. It can also do file extraction and identification.
The question is whether it is possible to write rules to prevent my files in different locations, like SAN or SMB or local disks, from getting transferred out of my network.
To be specific, can I prevent bad guys from stealing my files from my environment by writing specific Suricata rules?
Can anyone give an example of the rule?
Thanks a lot
Murali