← Back to Dashboard

Data Loss Prevention (DLP)

Prevent agents from accidentally leaking sensitive data like API keys, passwords, credit card numbers, or personal information.

Table of Contents

Overview

For everyone: DLP is like a security guard that watches everything your AI agents send and receive. If an agent accidentally tries to include a password, credit card number, or API key in an email or output, DLP catches it and blocks, redacts, or logs it — before any damage is done.

For technical users: The DLP system applies pattern-matching rules (regex, keyword, or PII type detectors) to agent inputs and outputs. Rules are evaluated in real-time with configurable actions (block, redact, warn, log) and severity levels. All matches are recorded as violations in an audit-ready log. The engine exposes /dlp/rules, /dlp/violations, and /dlp/scan endpoints.

How It Works

  1. Define rules — create patterns that identify sensitive data (regex, keywords, or built-in PII types).
  2. Content is scanned — as agents process emails and tool outputs, content is checked against all active rules.
  3. Action is taken — when a match is found, the configured action fires: block, redact, warn, or log.
  4. Violation is recorded — every detection is logged with the agent, tool, direction, match context, and action taken.

Key Concepts

Pattern Types

TypeDescriptionExample
RegexRegular expression pattern matchingsk-[a-zA-Z0-9]{48} (OpenAI key)
KeywordSimple text matchingpassword, secret_key
PII TypeBuilt-in detectors for common PIIemail, ssn, credit_card

Built-in PII Types

Actions

ActionBehaviorUse When
BlockPrevents the content from being sent/processed entirelyCritical secrets, credentials, highly sensitive PII
RedactReplaces the matched content with [REDACTED] and allows the rest throughSemi-sensitive data where the message itself is important
WarnAllows the content but flags it with a warningPotentially sensitive content that may be legitimate
LogSilently records the match without any interventionMonitoring and baseline measurement

Severity Levels

SeverityColorTypical Use
CriticalRedProduction database passwords, master API keys, encryption keys
HighOrangeAPI keys, access tokens, credit card numbers
MediumBlueEmail addresses, phone numbers, internal URLs
LowGrayNames, general keywords, non-critical metadata

Creating & Editing Rules

Click "Add Rule" to create a new DLP rule. Click any rule row to view its details in a modal, or use the pencil icon to edit an existing rule. Fill in:

Organization Scoping: Use the org switcher in the page header to view and manage DLP rules per organization. Rules are scoped — each organization has its own set.
Tip: Start with "log" action to measure how often a pattern matches before switching to "block" or "redact." This avoids disrupting agent workflows with false positives.

Example Rules

// Block AWS access keys
Name: "Block AWS Keys"
Type: regex
Pattern: AKIA[0-9A-Z]{16}
Action: block
Severity: critical

// Redact credit card numbers
Name: "Redact Credit Cards"
Type: pii_type
Pattern: credit_card
Action: redact
Severity: high

// Log email address mentions
Name: "Log Email Mentions"
Type: pii_type
Pattern: email
Action: log
Severity: medium

Enterprise Rule Packs

The Rule Packs tab provides pre-built enterprise-grade rule sets that can be applied to any organization with one click. Rules are instantly active — no restart needed.

Available Packs

PackRulesDescription
PII Protection10Email, SSN, credit card, phone, passport, DOB, driver license, tax ID, IBAN, IP addresses
Credentials & Secrets14API keys, AWS/GitHub/Slack/Stripe/Google/OpenAI tokens, private keys, passwords, DB connection strings, JWTs
Financial Data5Bank accounts, routing numbers, SWIFT codes, salary data, tax returns
Healthcare / HIPAA5Medical records, insurance IDs, ICD/CPT codes, prescriptions, DEA numbers
GDPR / EU Compliance4EU national IDs, DSAR keywords, consent withdrawal, cross-border transfer markers
Intellectual Property4Confidentiality markers, source code blocks, patent references, internal URLs
Agent Safety5Prompt injection (ignore instructions, role override, system prompt extraction), base64 payloads, shell injection

Applying Packs

  1. Go to the Rule Packs tab
  2. Select one or more packs (or "Select All")
  3. Optionally check "Overwrite existing rules with same name" to update rules you've previously applied
  4. Click "Apply Selected Packs"
Tip: Click the expand arrow on any pack to preview all its rules before applying. Rules that already exist (same name) are skipped by default unless overwrite is enabled.

API Endpoints

MethodEndpointDescription
GET/dlp/rule-packsList available rule packs with metadata
GET/dlp/rule-packs/:idGet pack details including all rule definitions
POST/dlp/rule-packs/applyApply packs to an org: { orgId, packIds[], overwrite? }
POST/dlp/reloadHot-reload all rules from database

Violation Tracking

The Violations tab shows every DLP match across all agents. Each violation record includes:

FieldDescription
TimeWhen the violation was detected
AgentWhich agent triggered the match
ToolThe tool or channel that contained the content (e.g., email send, web fetch)
ActionWhat action was taken (blocked, redacted, warned, logged)
DirectionWhether the content was inbound or outbound
MatchContext around the matched pattern
Warning: Violations are limited to the most recent 100 entries in the UI. For full audit history, use the Compliance reporting feature or query the API directly.

Testing Rules

The Test tab lets you validate rules against sample content before deploying them:

  1. Switch to the "Test" tab
  2. Paste sample content into the text area
  3. Click "Run Scan"
  4. Review results — shows which rules matched and how many times
Tip: Test with realistic data samples before deploying new rules. Include both positive cases (should match) and negative cases (should NOT match) to verify accuracy and avoid false positives.

Configuration & Setup

API Endpoints

MethodEndpointDescription
GET/dlp/rules?orgId=List all DLP rules
POST/dlp/rulesCreate a new rule
PUT/dlp/rules/:idUpdate an existing rule
DELETE/dlp/rules/:idDelete a rule
GET/dlp/violations?orgId=&limit=List violations
POST/dlp/scanTest content against all active rules

Rule Schema

{
  "name": "Block API Keys",
  "orgId": "org-123",
  "patternType": "regex",       // "regex" | "keyword" | "pii_type"
  "pattern": "sk-[a-zA-Z0-9]{48}",
  "action": "block",            // "block" | "redact" | "warn" | "log"
  "appliesTo": "both",          // "inbound" | "outbound" | "both"
  "severity": "high",           // "critical" | "high" | "medium" | "low"
  "enabled": true
}

Best Practices

Troubleshooting

Rule not matching expected content

Use the Test tab to debug. Common issues: regex missing anchors, case sensitivity, or PII type not covering the exact format. Try your regex at regex101.com first.

Too many false positives

Make your patterns more specific. For example, use \b\d{4}[- ]?\d{4}[- ]?\d{4}[- ]?\d{4}\b for credit cards instead of just \d{16}. Consider switching to "warn" or "log" action while tuning.

Violations not appearing

Check that the rule is enabled and that orgId matches. Violations are scoped per organization. Also verify the appliesTo field matches the direction of the content.

Agent blocked but content seems safe

This is a false positive. Review the violation's match context, adjust the rule pattern, and consider switching to "warn" action. You can delete and recreate the rule with a refined pattern.

Vault — Store credentials securely so agents don't need to handle raw secrets. Compliance — Generate reports that include DLP violation summaries. Users — Manage who can create and edit DLP rules.
AgenticMail Enterprise Documentation Report an issue