AI Data Loss Prevention is full-stack, production-ready software. Built with Python FastAPI on the backend and React 18 with TypeScript on the frontend, it gives you a working codebase for detecting, classifying, and managing sensitive data risks across text inputs, uploaded files, and API integrations. The full stack runs on PostgreSQL and Redis, ships with a Docker Compose configuration covering six services, and includes Celery with a beat scheduler for async and scheduled task processing. It is designed for developers and security-focused technical teams who need a substantial, working DLP codebase without building one from scratch.
Every scan passes through a unified parallel pipeline that runs seven AI and ML engines simultaneously: a compiled regex engine with 40+ patterns covering PII, PHI, PCI-DSS, credentials, and financial data including Luhn-validated card numbers; a spaCy transformer NER engine for extracting named entities in context; a DistilBERT multi-label classifier for content categorization; an all-MiniLM-L6-v2 embedding engine for semantic similarity detection that catches paraphrased sensitive content; an Isolation Forest anomaly detector for behavioral scoring; an LLM-powered deep analyzer for contextual risk explanation; and a Policy AI engine that converts plain English descriptions into structured policy rules. Each finding is scored and merged into a single risk level — CRITICAL, HIGH, MEDIUM, LOW, or SAFE — with confidence scores, masked values, and recommended remediation actions.
Beyond scanning, the software includes a policy engine with BLOCK, ALERT, QUARANTINE, and LOG actions; an incident management workflow with severity filtering, team assignment, investigation comments, and false-positive marking; on-demand compliance reports for GDPR, HIPAA, PCI-DSS, and SOC 2 with gap analysis and recommendations exportable as CSV or PDF; a real-time dashboard with risk heatmap, scan activity charts, and recent incidents feed; and a full REST API documented via Swagger UI. Authentication uses JWT with TOTP-based two-factor authentication (QR code enrollment included). The LLM-powered features — deep analysis and Policy AI — require an Anthropic API key.
The classifier and NER model training data is synthetically generated: 200 labeled classification examples and 102 NER span annotation examples. Synthetic data is used deliberately to improve coverage across sensitive data categories and to ensure no real personal information is embedded in or distributed with the codebase. A complete ML training pipeline is included — fine-tune the DistilBERT classifier, train the spaCy NER model, evaluate performance, and export to ONNX — using the provided scripts and training data.
Requirements: Docker Desktop with at least 8 GB RAM (16 GB recommended) for the Docker deployment path. For manual setup, Python 3.11+ and Node.js are required along with a running PostgreSQL instance and Redis. An Anthropic API key is required for the LLM deep analyzer and Policy AI features.
IMPORTANT NOTE: This software has been fully developed with all features implemented. However, it has not been tested in a live production environment. Buyers should expect to perform integration testing and may encounter minor bugs that require fixing. Basic technical knowledge and development skills are required. Buyers are solely responsible for ensuring their deployment complies with all applicable data protection laws and regulations, including GDPR, HIPAA, PCI-DSS, and any other frameworks relevant to their jurisdiction and use case.
All sales are final. Due to the digital nature of this product, no refunds will be issued under any circumstances.
LICENSE TERMS: Seller retains full ownership and control. Purchase grants a non-exclusive, non-transferable, perpetual license—AS IS, no support/updates, no refunds, no other obligations. Buyer may build and operate a materially new, closed-source product (including SaaS/paid service) for their own business/customers. Buyer may not open-source or disclose the application, nor resell, redistribute, rebrand, sublicense, or use the application (or any derivative) to create a competing or substantially similar product. License terms may be updated or changed at any time; continued use constitutes acceptance.
