Discover · Protect · Investigate

A complete data security lifecycle — one story, three perspectives, nine labs.

⏱ ~4 Hours🏢 Dataparity Inc. (fictional)🗂 3 Modules · 9 Labs👤 3 Personas🖥 2 Tenants

Lab Objectives

✦Discover how employees use Shadow IT applications — which apps, which instance (corporate vs. personal), and what sensitive content is flowing through them

✦Assess SaaS platform security posture, identify overprivileged third-party OAuth apps, and review what's installed on employee endpoints

✦Map sensitive data at rest across the enterprise using DSPM — SaaS, cloud storage, on-premises, and endpoints

✦Quantify AI exposure risk before enabling Microsoft Copilot — what would it surface on day one?

✦Build DLP detection logic using predefined and custom dictionaries combined with boolean engine logic

✦Apply inline, endpoint, and browser DLP policies to block sensitive data across all three exfiltration channels

✦Investigate incidents in Zscaler Workflow Automation — triage, notify, escalate, and automate SOC response

Meet the Team

🛡

Alex

Security Administrator

Dataparity's lead security admin. Maps data risk in Module 1, then builds and enforces DLP policies in Module 2.

Module 1 + 2

👤

Kevin

End User · Customer Success

Not malicious — just a busy employee reaching for the most convenient tool. In Module 2 he triggers every policy violation you've configured.

Module 2 (Test Steps)

🔍

Priya

SOC Analyst · Tier-1

Dataparity's incident responder. In Module 3 she picks up Kevin's incidents, triages them, notifies him, and automates future response.

Module 3 (Full Lab)

Lab Tenants

🏢

Enterprise Tenant

Tenant 1 · Read-Only

Pre-populated with realistic production-like data. Shows what a mature deployment looks like after months of collection.

Modules 1 + 3

⚗

Lab Tenant

Tenant 2 · Read/Write

A clean environment. Starts with no active DLP policies — you build them from scratch. Changes persist for the session.

Module 2 Only

The Narrative Thread

📊

Payroll_2025.xlsx

The Narrative Thread

A single file that appears in 5 labs across all 3 modules. The payroll file is the deliberate connective tissue of this lab.

Labs 1,4,6,7,9