Overview

Aquilon DLP is a production-grade data leak prevention solution built in Rust.

Key Features

  • Real-time Monitoring: Detect sensitive data as files are created or modified
  • Deep Content Analysis: Parse archives, Office documents, and PDFs
  • Pattern Detection: 35 scanner plugins for PII, secrets, and compliance patterns
  • OSQuery Integration: Query findings through standard osquery tables

Use Cases

Compliance Monitoring

Monitor endpoints for sensitive data that violates compliance requirements:

  • Healthcare (HIPAA): Detect protected health information (PHI) including medical records, insurance IDs, and patient data
  • Financial Services (PCI DSS, SOX): Find credit card numbers, CVVs, and financial records
  • Privacy Regulations (GDPR, CCPA): Identify personal data including names, addresses, and government IDs

Data Breach Prevention

Prevent data leaks before they become incidents:

  • Real-time Detection: Alert immediately when sensitive data appears in monitored directories
  • Removable Media Scanning: Automatically scan USB drives when mounted to detect exfiltration attempts
  • File Sharing Oversight: Monitor shared folders and collaboration directories

Security Auditing

Discover where sensitive data resides across your infrastructure:

  • Data Discovery: Scan endpoints to map sensitive data locations
  • Risk Assessment: Identify files with multiple policy violations
  • Coverage Verification: Ensure all endpoints are protected and reporting

Incident Response

Rapidly assess affected systems during security incidents:

  • Targeted Scanning: Query specific directories or file types
  • Historical Analysis: Review past alerts for patterns
  • Triage Workflow: Acknowledge, investigate, and resolve findings with an audit trail