About the Project
Inspiration
This project was inspired by a practical security gap: most data leaks are not advanced attacks, they are accidental mistakes. In our track, the “rookie operative” idea matched real behavior we see every day: unsafe links, oversharing in forms, and sensitive data sent to the wrong destination.
We wanted to build a system that prevents mistakes before data leaves the device, not just detect incidents afterward.
How We Built It
We built AgencyGuard as a local, real-time security layer with three parts:
- Traffic interception using a mitmproxy addon.
- Risk Engine using FastAPI to evaluate each request.
- Detection modules:
  - Rookie Score: destination/domain risk heuristics.
  - DLP Scanner: regex-based sensitive-data detection for request bodies.
Each request is classified into $\text{decision} \in \{\text{ALLOW}, \text{WARN}, \text{BLOCK}\}$ based on the computed risk and DLP findings.
Challenges We Faced
- Getting consistent request-body extraction across different content types.
- Handling URL-encoded form data correctly.
- Avoiding proxy-loop and timeout issues between addon and Risk Engine.
- Reducing dashboard noise from background app traffic.
- Balancing strict security with false positives.
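The sketch below is an added example, not AgencyGuard's own code. It shows why a regex DLP scan has to percent-decode URL-encoded form bodies before matching, and how DLP findings and a destination score can combine into ALLOW, WARN or BLOCK. The patterns, the risky-TLD set, the score weights and the thresholds are all assumptions, and it uses only the standard library rather than mitmproxy or FastAPI.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Constructed rules and thresholds; the project's real ones are not on the page.
DLP_PATTERNS = {
    "email": re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"),
    "us_ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "card": re.compile(r"\b\d(?:[ -]?\d){12,18}\b"),
}
RISKY_TLDS = {"zip", "top"}  # hypothetical heuristic input

def luhn_ok(candidate: str) -> bool:
    """Luhn checksum, used to cut false positives on long digit runs."""
    digits = [int(c) for c in candidate if c.isdigit()][::-1]
    total = sum(d if i % 2 == 0 else (d * 2 - 9 if d > 4 else d * 2)
                for i, d in enumerate(digits))
    return total % 10 == 0

def body_fields(body: bytes, content_type: str) -> list[str]:
    """Return decoded values to scan; form bodies are percent-decoded first."""
    text = body.decode("utf-8", errors="replace")
    media_type = content_type.split(";")[0].strip().lower()
    if media_type == "application/x-www-form-urlencoded":
        return [v for _, v in parse_qsl(text, keep_blank_values=True)]
    return [text]

def dlp_scan(body: bytes, content_type: str) -> set[str]:
    """Names of the patterns that matched any decoded field."""
    findings = set()
    for value in body_fields(body, content_type):
        for name, pattern in DLP_PATTERNS.items():
            for match in pattern.finditer(value):
                if name != "card" or luhn_ok(match.group()):
                    findings.add(name)
    return findings

def rookie_score(url: str) -> int:
    """Toy destination score: +40 for non-HTTPS, +40 for a risky TLD."""
    parts = urlsplit(url)
    tld = (parts.hostname or "").rsplit(".", 1)[-1]
    return 40 * (parts.scheme != "https") + 40 * (tld in RISKY_TLDS)

def decide(url: str, body: bytes, content_type: str) -> str:
    findings, score = dlp_scan(body, content_type), rookie_score(url)
    if findings and score >= 40:
        return "BLOCK"
    if findings or score >= 40:
        return "WARN"
    return "ALLOW"
```

Scanning the raw bytes of the same form body finds nothing, because `@` and `-` arrive as `%40` and `%2D`; decoding by content type is what makes the patterns match.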
What We Learned
- Real-time security is mostly a systems-integration challenge, not just model logic.
- Small implementation details (headers, encoding, process state) strongly affect outcomes.
- Explainable decisions are critical for trust and demo clarity.
- Iterative tuning of rules is necessary to move from “works” to “usable.”
Built With
- fastapi
- mitm
- python