Skip to main content
Data Loss Prevention

DLP & Content Intelligence

Detect, classify, and act on sensitive data before it leaves your organization. Multi-stage pipeline with pattern matching, ML models, and GenAI classification across six detection categories.

PHI DetectionPII ScanningML ClassificationGenAI Analysis
01Detection

Detection Engine

Multi-stage pipeline combining pattern matching, machine learning, and generative AI for high-accuracy sensitive data detection.

This is not basic keyword matching. MnemoShare's DLP engine runs a three-stage pipeline: regex patterns flag candidates, ML models score confidence, and GenAI integration (Anthropic or OpenAI) provides semantic classification for edge cases. Each stage narrows false positives.

Detection Categories

  • PHI: MRN, ICD-10, CPT, NPI, DEA
  • PII: SSN, driver's license, passport
  • PCI: credit cards with Luhn validation
  • SECRETS: API keys, tokens, credentials
  • INFRA: IPs, connection strings
  • REGULATORY: international identifiers

Accuracy

  • 40+ patterns across 6 categories
  • Confidence scoring with configurable thresholds
  • Post-match validation (Luhn, checksums)
  • GenAI classification via Anthropic and OpenAI
DLP Inline in the Transfer PipelineEvery upload routes through scan → detect → decide → encryptWHERE YOU SEE THISCompliance → DLP tabPer-file scan historyTest Scan panelPolicy editorDETECTORSSSNPCI / PANPHI · ICD-10 · MRNCustom RegexUploadweb · CLIOutlook · email gateway01ClamAV (ICAP)per-chunk + final scan02DLP Enginepattern rules + AI classifier03Policy decisionblock · quarantineallow + alert04Encrypt + StoreAES-256-GCM · KMS envelopeS305Blockedupload rejected · audit loggedQuarantinedheld · admin reviewsAllowed + Alertproceeds · alert raisedAUDIT RAILScan IDFindings + confidenceAction takenOrg policyTimestamp + IP
02Policy

Policy & Response

Configure detection policies with custom rules, violation thresholds, and response actions tailored to your compliance requirements.

Policies

  • Per-policy rule selection from any detection category
  • Violation threshold — minimum matches to trigger
  • Filename scanning for embedded sensitive data

Actions

  • Configurable responses: log, warn, or block
  • Automatic masking of findings in logs and alerts
  • Real-time scan results dashboard
DLP Scan Results
Total scans
374
With findings
201
Active policies
2
Errors
0
FileStatusFindingsAction
patient_records_q1.csvdetected3block
EIN_letter_first_page.pdfdetected1log
quarterly_report.pdfclean0log
audit_2026.xlsx.sha256clean0log
credentials_backup.envdetected4block
03ML Pipeline

ML Integration

Augment rule-based detection with ML-powered PII analysis for maximum coverage.

  • ML-powered PII detection beyond regex matching
  • AI-powered semantic content analysis beyond regex patterns
  • Combines rule-based and ML-based detection for maximum coverage
Regex baselinestage_01
US_SSN0.99
PERSON
PHONE_NUMBER
LOCATION
DATE_OF_BIRTH
DRIVER_LICENSE
entities_recognized1 / 6
+ ML Layerstage_02
US_SSN0.99
PERSON0.98
PHONE_NUMBER0.94
LOCATION0.91
DATE_OF_BIRTH0.96
DRIVER_LICENSE0.87
entities_recognized6 / 6 · 5 net new
Comparison

Beyond traditional MFT

Most managed file transfer platforms were designed before modern threats existed. Here is how MnemoShare compares.

CapabilityTraditional MFTMnemoShare
Detection methodKeyword matching or regex onlyMulti-stage: regex, ML, and GenAI with confidence scoring
CoverageBasic PII patterns40+ patterns across PHI, PII, PCI, secrets, infrastructure, regulatory
AccuracyHigh false positive ratesPost-match validation (Luhn, checksums) + confidence thresholds
ResponseBlock or allowConfigurable: log, warn, or block with violation thresholds
Scanning scopeUploaded files onlyFiles, filenames, email content, email attachments

See how MnemoShare compares. Schedule a demo

In Practice

Real-world use cases

PHI leak prevention

Healthcare org scans all outbound files for protected health information (MRN, ICD-10 codes, patient names). Policy blocks transfers containing PHI unless the recipient is on the approved partner list.

Financial data governance

Bank scans documents for credit card numbers, SSNs, and account numbers before external sharing. Luhn validation eliminates false positives on credit card patterns. Findings logged for compliance audit.

Credential exposure detection

DevOps team uses the SECRETS category to catch API keys, tokens, and connection strings accidentally included in file transfers. Automatic masking prevents credentials from appearing in logs.

FAQ

Frequently asked questions

What types of sensitive data can MnemoShare detect?

MnemoShare detects data across six categories: PHI (medical record numbers, ICD-10 codes, NPI, DEA numbers), PII (SSN, driver's license, passport), PCI (credit cards with Luhn validation), SECRETS (API keys, tokens), INFRA (IP addresses, connection strings), and REGULATORY (international identifiers). Over 40 built-in patterns.

How does the multi-stage detection pipeline work?

Files pass through three stages: pattern matching flags potential sensitive data, ML models score confidence on each finding, and optional GenAI integration (Anthropic or OpenAI) provides high-accuracy semantic classification for edge cases. Each stage narrows false positives.

Can DLP policies be customized per organization?

Yes. Administrators create policies with custom rule selections from any detection category, set violation thresholds (minimum matches to trigger), choose actions (log, warn, or block), and enable/disable specific patterns.

Does DLP scanning work on email?

Yes. The email security gateway applies DLP scanning to email body content and attachments before forwarding, using the same detection engine and policies as file uploads.

Get Started

Ready to see MnemoShare in action?

Start a free trial, schedule a walkthrough, or dive into the docs.