zavetsec/zavetsec-dlp

GitHub: zavetsec/zavetsec-dlp

Stars: 1 | Forks: 0

# ZavetSec DLP

Platform Server .NET Status Version License

**ZavetSec DLP** is a self-hosted **endpoint activity auditing** platform for insider threat monitoring and compliance. A lightweight Windows agent silently monitors endpoint activity and ships data to a central server with a real-time web dashboard. Built for IT security teams who need visibility into endpoints without relying on cloud vendors. ## Why ZavetSec DLP? - **Fully self-hosted** — your data never leaves your infrastructure - **Zero dependencies on endpoints** — single self-contained `.exe`, no .NET required on workstations - **Designed to survive prolonged server outages** — persistent disk buffer (50 MB) with exponential backoff - **Production-ready security** — brute force protection, rate limiting, HTTPS, PBKDF2 passwords, role-based access - **Remote control** — start, stop, restart, or uninstall agents directly from the web dashboard - **Multilingual** — English and Russian UI, switchable at runtime ## Table of Contents - [Quick Start](#quick-start) - [Dashboard Preview](#dashboard-preview) - [Installing from a Release](#installing-from-a-release-no-sdk-required) - [Why ZavetSec DLP?](#why-zavetsec-dlp) - [Threat Model](#threat-model) - [Features](#features) - [Architecture](#architecture) - [Requirements](#requirements) - [Step 1 — Build](#step-1--build) - [Step 2 — Deploy the Server](#step-2--deploy-the-server) - [Step 3 — Antivirus Exclusions](#step-3--antivirus-exclusions-required) - [Step 4 — Install the Agent](#step-4--install-the-agent) - [Configuration](#configuration) - [Privacy Controls](#privacy-controls) - [HTTPS](#https) - [Authentication & Security](#authentication--security) - [Reliable Event Delivery](#reliable-event-delivery) - [Telegram Alerts](#telegram-alerts) - [Dashboard](#dashboard) - [Remote Agent Management](#remote-agent-management) - [Uninstall Agent](#uninstall-agent) - [API Reference](#api-reference) - [Project Structure](#project-structure) - [Troubleshooting](#troubleshooting) - [Security Notes](#security-notes) - [Intended Use](#intended-use) - [Performance](#performance) - [Known Limitations](#known-limitations) - [Duplicate Hostnames](#duplicate-hostnames) - [Roadmap](#roadmap) - [Changelog](#changelog) ## Quick Start Get the server running and the first agent connected in under 10 minutes. **1. Build both projects** (requires .NET 8 SDK): cd DlpServer && dotnet publish -c Release -o publish && cd .. taskkill /IM ZavetSecDlpAgent.exe /F 2>nul cd DlpAgent && dotnet publish -c Release -o publish && cd .. **2. Configure and start the server:** copy DlpServer\appsettings.example.json DlpServer\appsettings.json :: Edit appsettings.json — set ApiKey and Certificate.Password notepad DlpServer\appsettings.json cd DlpServer\publish dotnet DlpServer.dll :: Dashboard: https://localhost:5001 Login: admin / admin **3. Install the agent on a workstation** (run as Administrator): .\install.ps1 -ServerUrl "https://YOUR-SERVER:5001" -ApiKey "YOUR_KEY" The agent appears in the **Agents** tab within ~30 seconds. Default credentials: `admin` / `admin` — you will be forced to change the password on first login. ## Dashboard Preview