SearchInform Expands DLP Capabilities with New Cloud Upload Monitoring Tool
SearchInform KIB has introduced a new cloud monitoring report that gives cybersecurity teams real-time visibility into data uploads to third-party cloud services.
Minimizing Data Leakage Risks
SearchInform, a leading Russian developer of DLP and SIEM systems, has added a new system report titled 'Document Uploads to the Cloud' to its flagship product, the modular data leak prevention suite Kontur Informatsionnoy Bezopasnosti (KIB). The feature tracks who uploaded which files to which cloud services, providing a comprehensive audit trail.
The report enables information security (IS) teams to analyze upload volume and frequency, types of cloud services accessed, and user-specific activity. It also helps identify anomalous upload behavior and fine-tune security policies—such as banning specific cloud platforms or restricting the upload of sensitive content.
The tool can integrate with SearchInform’s FileAuditor, a DCAP system used to inspect documents already stored in the cloud. This level of control is especially critical for organizations operating under hybrid or remote work conditions, where cloud risks increase significantly.
Strengthening Control Over External Data Traffic
The new feature enables organizations to bolster oversight of outbound data traffic. Proactive detection capabilities allow companies to justify investments in cybersecurity and meet regulatory expectations.
Beyond domestic use, the solution holds export potential, particularly for financial institutions and government agencies restricted from storing data abroad. Compatibility with Astra Linux and local platforms like FileAuditor and Cloud Controller makes the product attractive for countries promoting domestic IT stacks.
Future roadmap items include support for SaaS platforms (Google Workspace, Dropbox), machine learning to detect behavioral anomalies, and detailed tracking for mobile and VPN-connected devices.
Consistent Expansion of DLP Functionality
Russia’s DLP market has steadily matured. From 2019 to 2020, growing demand for insider threat detection spurred convergence between SIEM and DLP systems. This led to automated incident response capabilities and methods for identifying leaks via embedded file metadata and screen captures.
In 2021, KIB integrated with Astra Linux and domestic databases to enhance compliance and bolster data protection. By using Russian software stacks, financial institutions met import substitution goals and shielded themselves from sanction risks.
In 2022, SearchInform launched FileAuditor’s SCAP/DCAP module for auditing personal data and document types. Between 2023 and 2024, the system gained tools to monitor messengers and corporate cloud services. It now tracks uploads via messaging apps and cloud syncs.
Recent enhancements allow the system to audit Amazon S3 cloud storage using native APIs—reviewing content, tracking file changes, and maintaining revision histories. These capabilities mark the transformation of KIB from a monitoring tool into an integrated platform with cloud, AI, and DCAP functionality.
A Marker of Market Maturity
The new cloud upload report underscores the evolution of Russia’s domestic DLP ecosystem. With structured, task-specific reports, KIB enables IS teams to assess and respond to threats more effectively. Its capabilities reflect growing market demand for security solutions adapted to remote work and import substitution mandates.
Future developments include tighter integrations with cloud provider APIs (Google, Amazon), analytics based on behavioral anomalies, and increased uptake in public agencies and large enterprises—driven by regulatory and data protection pressures.
