๐ป Gartner Phase 2 โ Endpoint Data Loss Prevention Agent
NextGuard Endpoint DLP
Kernel-level endpoint agent for Windows, macOS, and Linux. Enforces DLP policies on USB, print, screenshot, clipboard, browser uploads, and email โ even when offline.
๐ช
Windows 10/11
Full support โ kernel driver
๐
macOS 12+
Full support โ system extension
๐ง
Linux (RHEL/Ubuntu)
Partial โ USB + network
๐ก๏ธ Endpoint Agent Capabilities
๐
USB / Removable Media Control
Block or allow USB drives, external HDDs, SD cards based on device allowlist, file classification, and user risk score. Encrypted USB devices can be permitted for approved users.
๐จ๏ธ
Print Control
Intercept print jobs before spooling. Block printing of RESTRICTED/CONFIDENTIAL documents to unapproved printers. Require manager approval for sensitive print jobs.
๐ธ
Screenshot Prevention
OS-level kernel hook detects screenshot attempts (keyboard shortcut, API call, screen capture tools). AI OCR scans screen content in real-time to determine if sensitive data is visible.
๐
Clipboard Monitoring
Monitor clipboard content for PII and sensitive data. Block paste operations to unauthorized applications (messaging apps, personal email, social media).
๐ก
Offline DLP Enforcement
DLP policies cached on device. Full enforcement continues when disconnected from network or VPN. Events queued and synced to SIEM when connectivity restored.
๐
Browser Upload Control
Intercept file uploads in all browsers (Chrome, Edge, Firefox, Safari). Block uploads of classified files to personal cloud storage, social media, or unauthorized web apps.
๐ฑ
Application Governance
Detect and block unauthorized applications (personal Dropbox, WeChat, Telegram). Enforce approved software list. Alert on Shadow IT installations.
๐ง
Email Client DLP
Intercept emails in Outlook/Apple Mail before send. Block attachments containing RESTRICTED data sent to personal addresses. Enforce encryption for external email.
Simulates deploying to 127 Windows / macOS / Linux endpoints