from Hacker News

What's the Future of Data Loss Prevention (DLP) Software?

by geogra4 on 10/30/23, 9:09 PM with 0 comments

With more and more tools using cert pinning as a best practice (eg - having and maintaining their own cert keystore) and more and more companies requiring DLP software for their vendors - how can this be managed without causing enormous pain for software developers?

As DLP software currently works to essentially man-in-the-middle attack secure traffic; any cert pinned tool will fail without figuring out a workaround.

Does anyone have any good ideas or solutions for this? Adding certs or disabling SSL seems to be an afterthought in many tools.