Translated by

Zecurion DLP

Developers: Zecurion (before SecurIT)
Date of the premiere of the system: February, 2012
Last Release Date: 2020/06/29
Technology: Cybersecurity - Information loss preventions


Zecurion DLP includes Zgate, Zlock and Zdiscovery which can be used as in a complex, and separately. Zgate analyzes the messages transferred on network channels, Zlock controls printing on printers and copying of documents on removable mediums, Zdiscovery implements search of confidential information on computers of users and in data warehouses. In addition to a problem of internal control, the products Zecurion help to solve not less important problem — observance of requirements of industry standards and the legislation.


Compatibility of Zecurion DLP Linux Agent of version 1.2 with Astra Linux Common Edition release Smolensk versions 1.5 and 1.6 and Astra Linux Common Edition release Oryol of version 2.12

On June 29, 2020 Astra Linux Group, the domestic developer of operating systems and means of virtualization, reported that together with Zecurion, the Russian developer of products for cyber security of the organizations, tests for compatibility of Zecurion DLP, solutions for data protection from leaks, and operating systems of the Astra Linux family completed.

For carrying out a complex of test works of Zecurion DLP Linux Agent of version 1.2 the release Smolensk versions 1.5 and 1.6, including with security update "Bulletin No. 20191029SE16", and Astra Linux Common Edition release Oryol of version 2.12 was installed on the equipment running the Astra Linux Special Edition operating systems. Operating systems were loaded with cores of generic and hardened. In a work progress experts tested start, functioning, a stop and removal of Zecurion DLP from structure of operating systems. Results of a series of tests showed that a DLP system correctly works running Astra Linux OS. Thus full compatibility of products and suitability of a program stack for application at the Russian enterprises was confirmed officially.

Confirmation of compatibility of Zecurion DLP with an operating system family of Astra Linux says that we can offer the market one of the most technology perfect and demanded systems for solving of tasks of information security in Linux Wednesday. We see perspectives of increasing partner interaction with Astra Linux as from satisfaction of pent-up demand on DLP Linux among customers long ago, and for solving of tasks, facing our country in the field of import substitutionAlexander Belyavsky, the commercial director of Zecurion says.

Were tested within the program of technology partnership of Ready for Astra Linux. The compatibility of operating systems of Astra Linux with DLP systems confirmed with expert checks as Zecurion is excellent news to customers who need to solve at the same time two problems. The first of them — ensuring control of information flows at the enterprise according to relevant industrial standards. The second — accomplishment of the requirements set by regulators of the market regarding security of information. This program stack allows to close both of these questions now — Roman Mylitsyn, the chief innovation officer of Astra Linux Group summarizes.

Obtaining FSTEC certificate

On March 4, 2020 the Zecurion company, the developer of solutions on cyber security, received the updated FSTEC certificate for the solution Zecurion DLP.

Obtaining FSTEC certificate

The Zecurion Enterprise RV DLP system successfully passed tests and received confirmation on compliance to the last requirements of FSTEC to the software on the 4th level of control set in the documents "Requirements to Control Facilities of Removable Machine-readable Mediums" and "Profile of Protection of Control Facilities of Connection of Removable Machine-readable Mediums of the Fourth Class of Protection".

The certified version of Zecurion DLP includes the full-function agent for control of data at workstations under control of Linux. The increased demand of the Russian companies and public sectors on solution Linux is dictated by requirements of the Russian legislation on need of use of the Russian software. At the same time the security issue of information remains open. Zecurion Endpoint DLP Linux successfully solves problems of the Russian organizations for confidential data protection from leak at workstations under control of Linux.

We managed to receive rather 'strong' certificate according to security requirements of control of connection of removable machine-readable mediums. In spite of the fact that the profile of FSTEC was published in 2014, not all producers DLP are certified on compliance to the last requirements. We in the development began systems with this subject and more than in 10 years developed the agency module to perfection. The received certificate is not only an indicator of compliance to requirements of FSTEC for all channels of information leak, but also the character of our technological leadership,
comments Alexander Belyavsky, the commercial director of Zecurion

Zecurion DLP as a part of Traffic Control, Device Control and Discovery has the built-in function of archiving, saving copies of all intercepted messages, letters, the attached files, documents written on USB devices and printed. Except identification and blocking of information leaks, a DLP system using the module of the behavioural analysis (UBA) analyzes actions of employees and reveals potentially dangerous activity.

Release of Zecurion DLP 10

On January 30, 2020 the Zecurion company announced release of the tenth version of the DLP solution which controls correspondence in Telegram and WhatsApp, estimates an emotional condition of employees and deletes unauthorized copies of confidential information at their detection in storage locations.

Zecurion released the tenth version of the DLP solution

According to the statement of the developer, in the tenth version the line of controlled messengers was replenished with popular Telegram and WhatsApp. A system analyzes messages regarding compliance to security policies, conducts history of audio-and video calls in applications by analogy with other channels (mail, USB devices, printers, social networks, etc.).

The provided version automatically deletes the undesirable files found in storages and on local computers. If earlier data had to be processed and deleted manually, then in Zecurion DLP 10 the module Discovery independently deletes the undesirable file and saves the archive copy and information on actions with it in archive, claim in Zecurion.

In Zecurion DLP 10 control of an emotional status of users appeared. The model estimates employees on 8 main behavioural reactions and helps the security officer to select among personnel of risk group. A system automatically builds the report with information on dynamics of an emotional status of the employee and the evident chart. This model allows to obtain the additional information about personnel, to predict moods in collective and to identify disloyal employees, the developer considers.

As noted in Zecurion, it is possible to obtain information on actions of employees using pictures from the webcam. A system with the set frequency creates a photo from the camera of the user computer and saves them in archive. Pictures from the camera allow to monitor presence of the employee in a workplace and also serve as the additional proof in case of investigation of an incident.

One more addition to the analytical DLP tools — a possibility of joint work with SIEM. Zecurion DLP transfers data to the popular SIEM systems. Thanks to it the Information Security Service can analyze in a complex all events of information security in the company and quickly react to them, emphasized in Zecurion.

"In the 10th version in addition to additional opportunities was placed emphasis on system improvements of architecture. It will allow to expand possibilities of application and integration in difficult and large infrastructures. In particular, we added flexibility in providing access to functions and data which is so demanded by big customers. For example, it is possible to make special reports for top management and to involve business in ensuring cyber security in language, clear for it",

According to the developer, significant completions are entered into the system of joint work with incidents in the analytical module Zecurion Reports. The staff of department of information security can exchange comments which are displayed in the separate section of the web console. Also the optional notification of users on violation the politician of corporate security was added. Recently many organizations began to pay attention to increase in awareness of personnel. Mechanisms of the notification, justification and confirmation of actions of the user are actively used, thereby reducing number of accidental leaks and increasing the responsibility of the employee for the actions.


iPad a-application for management of a DLP system

On July 9, 2019 the company Zecurion, the developer of solutions on cyber security, released mobile application for management of Zecurion DLP of page tablets Apple iPad.

The application is created for convenience and simplification of work of the security officers who are daily working in the web interface of a DLP system. The version for the tablet is full and provides to the administrator of DLP the same tools for work, as the normal web console — a card of the employee and the chart of communications, account given the behavioural analysis (UBA), a working environment of the system administrator (workflow) and other opportunities.

Now in the tablet it is possible to browse key information on a status of protection of IT infrastructure, data on the broken security policies and to manage fully archive and reports. As well as in the normal web console, on the homepage it is possible to configure widgets using filters depending on daily problems and needs of the officer of cybersecurity.

The administrator of DLP can keep track far off of dynamics of succession of events on the device and provide using the special designer of reports daily statistics or the report of key events in a week for the management. Data, as well as in the web version, are displayed in Apple iPad in a tabular style with convenient sorting and fast filters.

iPad a-application for management of a DLP system
We developed an iPad-application, being based, first of all, on wishes of our customers. Many security experts use Apple tablets popular around the world in work. We listen to requests of clients and we aim to make their work the simplest and convenient, and products — effective, combining in them technological effectiveness and convenience of using,


The free application is already available to downloading in App Store (available to iPad). For its use it is necessary to update Zecurion DLP (module Reports) to the latest version.

Release of the module Zecurion Camera Detector for protection against photography of the PC screen

On July 2, 2019 the Zecurion company, the developer of solutions on cyber security, announced release of the module of protection against photography of screens of computers and notebooksZecurion Camera Detector. Thus, Zecurion DLP becomes the DLP solution controlling such channel of information leak.

Zecurion Camera Detector

Zecurion Camera Detector reveals photography of screens of corporate computers on the smartphone due to use of machine learning technologies based on neural networks. At detection of suspicious actions of the user Zecurion DLP allows to notify timely Information Security Service on potential threat and to reduce risks of date leaks, and the fact is fixed in DLP archive.

Zecurion Camera Detector

The module defines smartphones, irrespective of color of the body and model and also suppresses noise and ignores excess objects against the background of for more exact determination of devices and reduction of number of false operations. It is important that the module works regardless of whether the camera is used by other applications or not. So a DLP system can control shooting of the screen even if the employee communicates on Skype at this time or participates in video conference.

Special attention of customers was always paid to an information leak problem through shooting of PC screens using gadgets, but before there was no technical solution which allowed to close this "hole". Many organizations tried to reduce risks prohibitive measures and administrative restrictions for use of gadgets up to their withdrawal at employees at an input in office. Using Zecurion Camera Detector we offer the tool which will allow to control this channel of leaks, to observe requirements of the legislation and to lift administrative limits from employees,
speaks Alexander Kovalyov, the deputy CEO of Zecurion

In the future the company is going to expand possibilities of the module and types of recognizable objects. Also there will be an opportunity to configure different reactions of a system at identification of an incident — clearing of the screen or blocking of an account of the violator before clarification of a situation.

Compatibility with Red OS

On February 11, 2019 the RED SOFT company announced signing with Zecurion of the certificate of compatibility of the products.

According to the company, the list of the supported distribution kits Linux in Zecurion DLP was replenished operating system RED OS. The companies held testing as a result of which the complete and correct operability of a system of protection against information leaks Zecurion DLP on the Russian to the operating system RED OS was revealed.

The Zecurion DLP complex as a part of Traffic Control, Device Control and Discovery has the built-in function of archiving, saving copies of all intercepted messages, letters, the attached files, documents written on USB devices and printed. Except identification and blocking of information leaks, a DLP system using the module of the behavioural analysis (UBA) analyzes actions of employees and reveals potentially dangerous activity. Zecurion DLP is closely integrated with a control system of privileged users of Zecurion PAM (Privileged Access Management) and Zecurion SWG (Secure Web Gateway) for access control to web resources.

Before release of our Linux agent in the DLP market the segment of protection of customers in whose infrastructure it is planned or is already actively used by Linux on computers of sotrdunik, was practically not occupied. We the first issued the full-function and working solution which is integrated completely in Zecurion DLP and easily works in enterprise-networks with difficult infrastructure.

Alexander Kovalyov, deputy CEO of Zecurion

Development of the affiliate program helps to improve products. Experience of RED SOFT confirms that cooperation with partners allows to achieve the goal, important not only for the company, but also for the market in general. Such purpose is also import substitution of the software. Compatibility of RED OS and Zecurion DLP an important step in this direction.

Rustam Rustamov, deputy CEO of RED SOFT

Version of Zecurion DLP 9.0

On January 29, 2019 the Zecurion company, the Russian vendor of information security tools, released the ninth version of a DLP system with the extensive list of the additional opportunities increasing the speed of daily work of officers of cybersecurity and significantly simplifying implementation and system maintenance in the average and large organizations.

One of the main innovations of the ninth version – the module of control of applications. The officer of cybersecurity with the help the politician can permit or block access for the specific user or group to certain programs. In Zecurion DLP 9.0 11 categories of applications are preset and also there is an opportunity to add and edit own categories. A system fixes start of the permitted applications, creates reports on attempts of opening of prohibited and notifies on it the officer of cybersecurity.

It became more convenient to browse information on actions of employees. Zecurion DLP 9.0 allows to unload screenshots from archive in a format of video files or to browse them in the slideshow mode directly from the web console.

Information on actions of staff of Zecurion DLP 9.0

In Zecurion DLP 9.0 the component — the installation server appeared. Using it the system administrator can independently manage installation, updating and service of agents of Zecurion DLP without involvement of IT department and use group the politician of the domain or other solutions.

Installation server
In this version we put emphasis on convenience of system management. In particular, seriously optimized work in large corporate networks with hundreds of thousands of users. The ninth version works with large volumes of data of the Active Directory much quicker and without delays unloads up to 1 million objects. Also we pointwise updated the web interface. Expanded possibilities of a working environment of the officer of cybersecurity, made a tabular style of reports with convenient sorting and fast filters. In cards of employees added an option of the comment and the statuses of users. These and other improvements in 9.0 will allow officers of cybersecurity quicker and more comfortably to perform daily work.
Alexander Kovalyov, deputy CEO of Zecurion

As additional opportunities in Zecurion DLP 9.0 support Russian is expanded DBMS Postgres Pro, import of the additional information about users from Microsoft the Active Directory and a possibility of unloading of incidents in HTML- a format is added. In the web interface the updated report types and diagrams, for example, the tabular report with a possibility of operational filtering and search in a large number of incidents are added (to 100 thousand). A number of changes for deeper integration with Zecurion SWG PAM 2.0 and 2.0 is entered.

Also the separate iPad-application for system management and viewing the reporting which provides more convenient interaction with DLP of administrators and business users is provided in version 9.0.

Information on users from Microsoft Active Directory


Zecurion DLP Linux Agent

On December 4, 2018 the Zecurion company, the Russian developer of the systems of protection against internal threats, released a DLP system for control of workstations on Linux. The solution is intended for work on the Russian distribution kits: Alt Linux, GosLinux, Astra Linux and RED OS.

Upgraded version controls use of removable devices, printing on printers, data transmission on network and e-mail from workstations. Also Zecurion DLP Linux Agent takes screenshots and intercepts text entering on the keyboard. All intercepted network traffic goes to DLP Processor — the server module of the content analysis. For detection of confidential information more than 10 different technologies of detecting which are available also in Windows version are used.

The solution allows to create flexible security policies for removable mediums. At the same time it is possible not only to prohibit or permit use of USB drives, but also to set restriction — for example, to permit only viewing data. At record on devices, printing of documents and data transmission on network a DLP system saves files and all accompanying information in archive. Management of politicians of Linux agents happens via the single console of management Zecurion, at the same time politicians are also universal for Windows - and Linux agents. It significantly simplifies work of the security officer and reduces time for setup of a system and data processing on incidents.

The increasing number of the companies and government institutions passes to domestic software within import substitution. At the same time in the organizations there is a need of data protection from leaks on Linux machines. For us it is an excellent opportunity to improve DLP, having offered upgraded version of a product under demanded operating systems. For December, 2018 Zecurion DLP supports four most popular operating systems among our customers, and in the near future we will expand a line of the supported Linux distribution kits.
Roman Vasilyev, technical director of Zecurion

Release of Zecurion DLP of version 8.0

On February 13, 2018 the Zecurion company announced release of Zecurion DLP of version 8.0.

In Zecurion DLP of version 8.0 the module of the behavioural analysis (UBA) is implemented. The module using specially developed algorithms analyzes actions of employees — change of amounts and the nature of use of different communication channels, incidents, violations the politician — and automatically reveals suspicious activity of users. Zecurion UBA helps security officers to reveal more effectively threats at early stages, for example, when insiders are only going to steal information or the employee began to send actively corporate data out of limits of network.

Zecurion DLP of version 8.0

Also in version 8.0 the web interface for all modules Zecurion DLP is updated. Transition to a web allowed to increase availability and convenience of using of the management console. Separation into work areas of management and work with archive and reports (Zecurion Reports) allowed to optimize work in the interface.

In the console significant completions were entered to workflow — the system of joint work of security officers with events. The tool will be most relevant for large departments of cybersecurity where step-by-step processing of incidents, including the staff of several divisions is regulated. On the homepage of Zecurion Reports the feature for flexible customization of widgets and their setup under any tasks using filters, time limits and all tools of version 8.0 is added. Also formats for export — PDF, Excel, TSV were added. Based on pilot implementation of Zecurion DLP 8.0, security officers save on processing of incidents on average 20 — 35% of time in comparison with versions 6.0 and 7.0.

Zecurion DLP of version 8.0

Zecurion DLP 8.0 developers paid much attention to speeding up of a system during the work with a large number of incidents. Loading in the console of several tens of thousands events happens to the minimum delays. High high-speed performance is provided with architectural features of Zecurion DLP. Also in addition to the Microsoft SQL Server support of PostgreSQL DBMS from the register of the Russian software was added.

"Collecting of a large number of information on users collected by all modules Zecurion DLP, the analysis of actions of employees and providing the maximum number of tools to specialists of service cybersecurity — one of the main vectors of development of our products for the next several years. In version 8.0 also added features to use the keylogger on agents and to make record from the microphone, and all in the version we implemented about 100 different interface changes."

2017: Partnership with ABBYY

In May, 2017 the Zecurion company announced cooperation increase with ABBYY company. Within partnership Zecurion can use the new version of ABBYY FineReader Engine technology in all the products for recognition of texts in graphic files.

Zecurion and ABBYY cooperate more than 6 years. Earlier the technology of optical recognition of texts of ABBYY FineReader Engine was applied only in Zecurion Zlock (Device Control) and Zecurion Zgate (Traffic Control). On new conditions of partnership, the technology is used in all products of the Zecurion DLP complex. Using ABBYY FineReader Engine of the solution Zecurion recognize information in images that gives the chance to reveal violations of security policies and to prevent leakage of confidential data.

The sensing technology of ABBYY FineReader Engine used in DLP solutions of Zecurion helps security services to monitor in time attempts to organize date leak in scans, photos, the PDF documents, printouts, screenshots. An OCR system in DLP recognizes the text in images even of low quality, quickly processes multipage documents and volume files, allows to find the data inserted into other document in the form of the image. Thanks to the high performance of solutions of Zecurion, all checks happen quickly and imperceptibly for users.

2016: Unified register of the Russian programs

At the end of 2016 the Ministry of Telecom and Mass Communications signed the order on inclusion of the Zecurion DLP system, the Russian developer of solutions on information security, in the Unified register of the Russian programs for electronic computers and databases.

The decision was made by Expert advice on the Russian software at the Ministry of Telecom and Mass Communications of the Russian Federation which members are representatives of FAS Russia, Ministry of Finance, Federation Council of Federal Assembly of the Russian Federation, institutes of development and industry associations. Inclusion in the Register of the Russian software of the Zecurion DLP system is official confirmation of the Russian origin of a product.

2015: Zecurion completed certification of the DLP solution

On May 19, 2015 the Zecurion company announced certification of the product Zecurion DLP on the 4th level of control of NDV. Certification tests were carried out in testing laboratory NPO Eshelon.

DLP- a system from Zecurion passed tests and protection against unauthorized access to information received confirmation on compliance to requirements of the regulating document ". Part 1. Software means data protection. Classification by the level of absence control of not declared opportunities" on the 4th level of control.


The SecurIT company provided in March, 2012 the updated line of DLP products in the field of data protection from internal threats. Systems for the solution of different tasks within data protection enter the SecurIT DLP complex: Zgate, Zlock, Zserver Suite and Zdiscovery. All four products can independently be used for the solution of the tasks set for them, and together they make the end-to-end system providing effective protection against leaks of confidential information, says SecurIT.

So, Zgate analyzes the messages transferred on network channels. Zlock controls printing on printers, copying of documents on USB drives and other devices. In turn, Zserver protects information at storage on servers using enciphering. Zdiscovery implements search of confidential information on computers of users and in data warehouses. All products — Zgate, Zlock, Zdiscovery and Zserver — are controlled from the Zconsole single console with the general user-friendly interface. According to developers, it allows to minimize efforts on integration of the different systems and to centralize administration of a system of protection against information leaks.