In Dallas today doing a quick dive into the Websense Content Protection Suite . This is the information leakage protection product formerly known as PortAuthority. I looked at these guys a while back when I was a security manager. They get their accuracy by fingerprinting your data. Basically, they crawl your files and databases and match based on that versus just matching on a string that looks like an SSN or a driver’s license number, which can lead to high false positives (they can match on strings as well).
What also interested me today more was their explanation of when you actually have a compliance violation. Let’s say your HR person sends out an SSN via email. Your first inclination is that you have a violation on your hands. But if you send an SSN without a name or other identifiable info that can be tied to that SSN, then you have no violation. And like I said above, matching on strings can lead to false positives, so you can avoid that with this technology.
They can filter http, ftp, smtp, IM, and some others. As soon as I get a more in depth demo, I will talk more about it.
Vet
