PT Data Security

White Paper: DLP - Data Loss/Leak Prevention

This product is a tool that inventories the data accumulated in the company, automates their classification regardless of its presentation (relational, hierarchical or any other), determines the level of security of critical data and controls access rights to them. The client may not know where and how the data critical for him is stored - the system will independently find it, classify it and determine the level of security and access rights for the found data.

2025

PT Data Security 1.0 accelerates data classification by optimizing the machine learning model

Positive Technologies has updated PT Data Security's single data protection platform, improving the performance of key processes. The company announced this on December 23, 2025. In version 1.0, information is classified faster, and embedded statistics by data category allow you to evaluate and prioritize threats in real time. The product is included in the register of Russian software.

One of the significant changes in PT Data Security 1.0 was the acceleration of data classification by optimizing work with the machine learning model. The team adjusted the logic of operation, which markedly reduced the time required for the initial inventory of data and the subsequent update of results in large infrastructures.

Data category statistics are now available to users, which includes the total number of objects in the infrastructure, their distribution to different repositories, as well as related incidents and risks in real time. This feature helps you quickly assess the security status of a specific category of information and identify the most vulnerable areas.

𝓲

Фото: Positive Technologies

In addition, a new page has been added to the product web interface to manage all tasks performed on the platform, including storage inventory, data classification, and risk analysis. The user can track progress, view details, manually stop tasks and diagnose potential problems, making system operation easier and more transparent.

{{quote 'The new version of PT Data Security is the result of working with our first customers. According to the results of pilot projects, the development team implemented the most popular scenarios among users, this was done in just one quarter. So, we optimized a number of architectural mechanisms, improved the performance of key processes and updated the interface. We will continue to make the product as useful and convenient as possible for daily work, working out in detail the requests of data owner companies, "said Viktor Ryzhkov, Head of Data Protection Business Development, Positive Technologies. }}

The functionality will become available to users after upgrading PT Data Security to the latest version.

PT Data Security

On October 13, 2025, Positive Technologies introduced a commercial version of PT Data Security, a data protection platform (DSP) regardless of its type and storage location with the function of automated classification of information by significance level.

As reported, the vendor began product development in 2024 and in October of the same year presented a working version (MVP). Prior to the official launch, a beta version of PT Data Security was presented, ready for the first pilot projects. The product is already at the preliminary testing stage in a number of large companies.

PT Data Security is a solution to the data security platform class. Such systems solve the main problems that companies have when protecting data:

• Find all places where significant information is stored in the infrastructure
• Identify the risks of misuse of information and allow you to distinguish access to it
• Detect suspicious data calls: leaks, changes or deletions

𝓲

Фото: Positive Technologies

The product integrates inventory, automated classification, and data monitoring, providing complete visibility into the entire storage and processing infrastructure. PT Data Security works with all data types - structured, semi-structured, and unstructured - in different storage types: databases, file and object stores, and other sources.

Previously, in order to partially close the growing need for comprehensive data protection, organizations had to purchase several disparate products that were not integrated with each other and, even in combination with each other, did not provide full data coverage.

As a study conducted by us together with K2 Cybersecurity showed, Russian companies on average use from 6 to 10 different solutions to protect information. For a business, regardless of its size and industry, this is a problem: as of October 2025, databases, file storage and other systems are protected by different people and different methods, which ultimately does not give the information security service a single idea of ​ ​ the data infrastructure. Under these conditions, data owners are looking with interest towards comprehensive data security platform solutions that combine different approaches and technologies to protect sensitive data in an enterprise environment. Systems of this class see and control the security of all data within the company without exception - regardless of their format, volume and storage location. told Viktor Ryzhkov, Head of Data Protection Business Development, Positive Technologies

According to a study by Positive Technologies, every second successful attack on Russian organizations over the past year has ended in a leak. The first positions among all information stolen by cybercriminals are occupied by information constituting trade secrets (30%), credentials (24%) and personal (17%) data. In 55% of the ads studied on shadow forums, confidential data was publicly available for free.

The commercial version of PT Data Security received significant updates, some of which were implemented based on requests from participants in the Early PTs program. For example, you can classify objects based on the classification results of other objects. With composite rules, customers can build more complex data discovery and analysis scenarios, such as automatically highlighting documents with personal employee data or financial information if they contain combinations of categories already found.

To more closely monitor data security, as well as timely prevent potential leaks and minimize damage, it is possible to set a limit on the amount of information that users are allowed to request in databases protected by PT Data Security. The business value of this feature is that even if an account is compromised, an attacker will not be able to unload a large array of sensitive data.

Important changes have occurred in the user interface. Together with the participants of the Early PTashki program, the R&D team developed a tool for navigating observed objects. PT Data Security commercial operators can quickly find the right objects by name, type, and other attributes, as well as filter results by store and class. Thus, the table saves time and makes it easier to work with large amounts of information.

You can also add your own classification rules in the GUI. The built-in designer optimized the process so that information security specialists, without undergoing special training and without involving developers, will quickly and easily configure the search for data categories specific to their company.

Another change is data class analytics, which refines the number of objects of a certain type found with distribution to repositories. The change gives PT Data Security users a complete view of the current amount of stored data and its locations.

Flexible data classification, business application identification, and AI module

PT Data Security, the MVP version of which was introduced by Positive Technologies in 2024, has been updated to beta and is available for pilot projects. The product has a flexible classification of data, identification of business applications, as well as an AI module that can accurately find critical information in sources of any type almost without the participation of information security specialists. Positive Technologies was informed about this on July 14, 2025.

In the beta version of PT Data Security, an AI module has appeared that increases the accuracy of data classification. The worse information is systematized in the organization, the more difficult it is for security agents to highlight significant information among them and ensure their protection. Traditional methods of detecting and classifying information, which are based on the application of regular expressions and formal logic, no longer produce the necessary results. As a result, it is inefficient to analyze today's complex and heterogeneous data infrastructures.

Thanks to the high accuracy - MLalgorithm developed by Positive Technologies, PT Data Security detects any type data - both structured and semi - and unstructured. The test results showed that the ML module in some cases copes twice as accurately with the task of detecting and classifying information as the use of regular expressions. The operation of the model is not affected by uninformative column names, combinations of several record formats, omissions, typos and other factors that reduce the quality of data recording. The solution searches and processes different sources equally well: documents, tables databases in, etc.

Another feature of PT Data Security is the function of identifying business applications (CRM, ERP systems, etc.). Positive Technologies found that when building protection, it is important for companies, among other things, to know how many databases belonging to specific business systems in their infrastructure and where they are located.

Now PT Data Security shows the real picture by accurately detecting the number of databases, their deployment and connection to certain software. For example, from the structure of tables, the solution can determine that it is preceded by a base related to the Bitrix CRM system 24. In addition, information security specialists can write their own rules for identifying applications specific to their company, "said Viktor Ryzhkov, head of data protection business development, Positive Technologies. - We get positive feedback about the high performance of the technology: sometimes clients mistakenly assume that the database of a particular system is stored in one place, but after checking with PT Data Security, it is found that there are much more databases - they can be cloned, which means that they all need to be protected.

Some of the functions of PT Data Security were added following the results of the early testing program. For six months, the vendor conducted research and in-depth interviews with potential users of the product and collected wishes from them. Wide-ranging feedback helped the R&D team prioritize functionality, build a development map of PT Data Security in accordance with the needs of the Russian market and the specifics of various industries. Among the functions requested by the program participants, flexible classification and the ability to add their own data classes have already been implemented, as well as support for the most common data warehouses in domestic infrastructures - structured (PostgreSQL, MySQL) and unstructured (Amazon S3, SMB).

In particular, with the help of a finely configurable classifier, the product finds not atomic entities without context (full name, dates of birth, addresses), but individual classes of documents, for example, powers of attorney, orders, specific reports. When searching for their location, operators specify a list of characteristics. identifications For comparison: systems of this class are able to search for only one parameter. In addition, PT Data Security can set its own data classes and rules for detecting them. The option is relevant for companies that use their confidential document templates or other entities with unique identifiers.

2024

Opening early testing

Positive Technologies opens an early testing program for a single data protection solution - PT Data Security. The company announced this on November 25, 2024.

"Early PTs" - PT Data Security's preliminary testing program will last six months. PT Data Security allows you to monitor the state of your storage and processing infrastructure in real time and with minimal operator participation and identify critical elements that contain the most business-sensitive information, as well as analyze the current matrix of access and access to it.

As part of the program, Positive Technologies offers customers, partners and information security specialists several participation formats. The first is product studies, in which you can study an early prototype solution and give the R&D team suggestions for improvement.

The second format is in-depth interviews. Users of Data Loss Prevention (DLP), Database Protection ( DAM or DBF), and other classes of information security solutions can share experiences, advantages, and disadvantages with these products.

The third format of participation in the program is aimed at helping Positive Technologies specialists improve the classification of data and enrich the product with knowledge of how databases and storage systems are organized in different companies. Each industry has its own specifics and types of information processed: in medical institutions, as a rule, these are analyzes and clinical trials, in banks - information about customer accounts and cards, in design bureaus - drawings and technical documentation. The data collected during testing will allow Positive Technologies to release a product that will meet the needs of the Russian market as much as possible, and will also be adapted to various areas of activity. Thus, the classifier in the commercial version of PT Data Security will include not only standard data (for example, personal data of employees), but also specific profiles for a specific business segment.

The involvement of third-party experts and companies to test the product before it enters the market is not yet very common in the B2B segment of Russia. However, we believe that this approach avoids situations where the solution enters the market raw and its refinement is already in production with the help of numerous patches and updates. We have an ambitious goal - to create a product that will close all questions about data protection and eliminate the shortcomings of several classes of solutions at once. Without dialogue with users and discussing real problems, this is a difficult task, "said Viktor Ryzhkov, head of business development for data protection at Positive Technologies.

Members of the Early PTs program will have free access to early versions of the product and improved compatibility with it. The PT Data Security command will take into account their wishes for functionality and will be able to use their data to train the classification mechanism. Program members will also receive discounts on the purchase of a license after the release of the commercial version.

PT Data Security View

Positive Technologies is entering the data protection market. The vendor presented the MVP version of PT Data Security, a single solution for protecting data, regardless of its type and storage location, with the function of automated classification of information by level of significance. The company announced this on October 10, 2024.

Over the past few years, the storage and processing infrastructure in companies has evolved technologically and grown in volume. From isolated and loosely connected segments, it has evolved into a system with many unstructured and localized in different parts of elements with complex and constantly changing connections. Against this background, the solutions created earlier turn out to be ineffective and do not allow building a comprehensive security system, since each of them is designed to solve narrow tasks: one for database protection, the other for file storage protection, and the third for monitoring employee actions. This atomic approach is the reason for the weak points in the infrastructure that hackers use: for example, every second successful attack on organizations in the first half of 2024, according to a study by Positive Technologies, turned into a leak.

For most companies, previously collected and accumulated data, the volume of which can be calculated in petabytes, is one of the most valuable assets. Against the background of the increased interest of hackers in information, as well as the shortcomings of existing cybersecurity systems, the need for a fundamentally new solution has ripened. It should protect data in any form, wherever it is: in databases, file, object, corporate storage, in data lakes, on web portals. PT Data Security is just such a solution, "said Denis Korablev, Managing Director, Product Director of Positive Technologies.

PT Data Security enables real-time and minimal operator participation to monitor infrastructure health and identify critical elements that contain the most business-sensitive data, as well as analyze the current access and access matrix. As a result, the company gets an idea of ​ ​ the real state and level of security of the data infrastructure, which helps to prevent information theft in time and complicates the ability for attackers to be present in the infrastructure for a long time and imperceptibly.

An important function of PT Data Security is automated classification of data, regardless of the form in which they are presented. Within the solution, a set of industry-specific policies and models to search for different classes of critical information. Through a unified approach, PT Data Security aggregates information in one place. Business may not think about how and in what format it is stored, but immediately focus on protection, - said Viktor Ryzhkov, head of business development for data protection at Positive Technologies.

According to the CSR, the domestic data protection market is the fastest growing segment in the industry. In 2023, it increased by 93% of the indicator a year earlier and reached 23 billion rubles, accounting for 12% of the total information security market. At the same time, Positive Technologies experts note that the segment's share is still low and its potential has not been disclosed. They attribute this primarily to the lack of products that effectively address data security issues. With the advent of such tools, the share of the data protection segment may approach half of the total information security market, which, according to the CSR, will amount to 715 billion rubles by 2028. Positive Technologies plans to occupy at least 50% of the data protection segment by 2028.