OpenDLP is a free and open source, agent-based, centrally-managed, massively distributable data loss prevention tool. Given appropriate Windows domain credentials, OpenDLP can simultaneously identify sensitive data at rest on hundreds or thousands of Microsoft Windows systems from a centralized web application. OpenDLP has two components: a web application and an agent.
- Automatically deploy and start agents over Netbios/SMB
- When done, automatically stop, uninstall, and delete agents over Netbios/SMB
- Pause, resume, and forcefully uninstall agents in an entire scan or on individual systems
- Concurrently and securely receive results from hundreds or thousands of deployed agents over two-way-trusted SSL connection
- Create Perl-compatible regular expressions (PCREs) for finding sensitive data at rest
- Create reusable profiles for scans that include whitelisting or blacklisting directories and file extensions
- Review findings and identify false positives
- Export results as XML
- Written in Perl with MySQL backend.
- Runs on Windows 2000 and later systems
- Written in C with no .NET Framework requirements
- Runs as a Windows Service at low priority so users do not see or feel it
- Resumes automatically upon system reboot with no user interaction
- Securely transmit results to web application at user-defined intervals over two-way-trusted SSL connection
- Uses PCREs to identify sensitive data inside files
- Performs additional checks on potential credit card numbers to reduce false positives.