What's the Future of Data Loss Prevention (DLP) Software?
With more and more tools using cert pinning as a best practice (eg - having and maintaining their own cert keystore) and more and more companies requiring DLP software for their vendors - how can this be managed without causing enormous pain for software developers?
As DLP software currently works to essentially man-in-the-middle attack secure traffic; any cert pinned tool will fail without figuring out a workaround.
Does anyone have any good ideas or solutions for this? Adding certs or disabling SSL seems to be an afterthought in many tools.
No comments yet.