Add Common Encodings & Ciphers for data matching & filteration in denylists & allowlists as pre defined templates

muhammad.ammar · September 1, 2025, 7:22am

What is a one sentence summary of your feature request?

Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.

i’ve been an offensive cybersec specialist for a long while and have been researching & working on defeating security solutions, and for netwrix EPP, when i deployed it and applied all proper restrictions & denylists to make sure the sensitive data do not exit the endpoint, but when i simply encoded the text into different encoding models, it easily bypassed the restrictions, i would love to see if theres already a feature available for that, except for regex, because as mentioned, it would be a time & resource taking process plus is a bit complex to implement and can cause false positives if not applied well, while the solution is one of the basic needs of all types of businesses

How do you currently solve the challenges you have by not having this feature?

regex, rough, resource & time taking + false positives

krzysztof.staszalek · September 1, 2025, 11:50am

Hi Muhammad,

Thank you for your inquiry—it’s a very insightful one. As a specialist in the data protection field for the past 20 years, I understand the challenges you’re trying to address.

Unfortunately, there is no “golden nugget” solution for detecting sneaky user behavior. While we could explore adding decoding mechanisms, this would come at a cost in terms of performance and could lead to increased false positives. I plan to initiate an internal development discussion to assess our capabilities in this area. However, I cannot provide any ETAs at this moment, as our current short/mid-term roadmap is already full.

For data to be encoded, it first has to be entered as plain text - either through file operations or clipboard activity into certain applications or browser-based apps. If tailored appropriately, our CAP policy rules might be able to detect these actions or even block encoding app usage. However, this remains a cat-and-mouse game.

I appreciate your understanding and am open to any further questions or suggestions you have.

Best regards,
Krzysiek

Topic		Replies	Views
Suggestion: Add "File Name"-Category" to "Allowlists" Ideas endpoint-protector , allowlist , file-name , new , ideas	3	96	March 5, 2025
Monitoring of custom executables in DLP Ideas endpoint-protector , threat-prevention , not-likely-to-implement , ideas	1	51	July 3, 2025
Improving the "Restrict Content Detection" Option for File Extensions: .CSV and .TXT Ideas in-progress , ideas	1	106	March 20, 2025
Suggestion: Add a recovery method for files that were encrypted via eDiscovery Ideas endpoint-protector , under-review , ideas , ediscovery , encryption	3	123	April 9, 2025
Suggestion: Support for Wildcards in File Name Denylist Settings Ideas wildcards , denylist , new , ideas	10	281	May 29, 2025

Add Common Encodings & Ciphers for data matching & filteration in denylists & allowlists as pre defined templates

What is a one sentence summary of your feature request?

Please describe your idea in detail. What is your problem, why do you feel this idea is the best solution, etc.

How do you currently solve the challenges you have by not having this feature?

Related topics