Data Splicing Attacks - Breaking Enterprise DLP from the Inside Out
Security BSides San Francisco via YouTube
The Most Addictive Python and SQL Courses
Learn AI, Data Science & Business — Earn Certificates That Get You Hired
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Learn about a critical data exfiltration technique that can bypass all major Data Loss Prevention (DLP) vendors in this 44-minute conference talk from BSidesSF 2025. Discover how security researchers Vivek Ramachandran and Audrey Adeline uncovered data splicing attacks that exploit fundamental architectural flaws in both endpoint and proxy-based DLP solutions. Examine the technical details behind these bypass methods through live demonstrations that show how enterprise security controls can be circumvented from within an organization. Explore the release of Angry Magpie, a new open-source toolkit specifically designed for red teams to replicate and test these data splicing attacks in their own environments. Gain insights into the vulnerabilities present in enterprise DLP systems and understand the implications for organizational data security posture.
Syllabus
BSidesSF 2025 - Data Splicing Attacks: Breaking Enterprise... (Vivek Ramachandran, Audrey Adeline)
Taught by
Security BSides San Francisco