About the Project

Inspiration

This project was inspired by a practical security gap: most data leaks are not advanced attacks, they are accidental mistakes. In our track, the “rookie operative” idea matched real behavior we see every day: unsafe links, oversharing in forms, and sensitive data sent to the wrong destination.
We wanted to build a system that prevents mistakes before data leaves the device, not just detect incidents afterward.

How We Built It

We built AgencyGuard as a local, real-time security layer with three parts:

  1. Traffic interception using a mitmproxy addon.
  2. Risk Engine using FastAPI to evaluate each request.
  3. Detection modules:
    • Rookie Score: destination/domain risk heuristics.
    • DLP Scanner: regex-based sensitive-data detection for request bodies.

Each request is classified into one of three decisions, decision ∈ {ALLOW, WARN, BLOCK}, based on the computed risk score and the DLP findings.
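The following is an added, stdlib-only sketch of the Risk Engine decision logic described above; it is not AgencyGuard's own code. The domain heuristics (the Rookie Score), the DLP patterns, the severity values, the thresholds and the decision rule are illustrative assumptions, as are the sample requests. In the architecture above, the mitmproxy addon would send the URL, content type and body of each intercepted request to this logic over HTTP (the FastAPI layer is omitted so the example runs offline). The example also covers the two body-extraction cases listed under the challenges: URL-encoded forms and JSON, including nested JSON values.

```python
"""Added example (not AgencyGuard's code): Risk Engine decision logic.
Heuristics, DLP patterns, thresholds and sample inputs are assumptions."""
import ipaddress
import json
import re
from dataclasses import dataclass
from urllib.parse import parse_qs, urlsplit

TRUSTED_SUFFIXES = ("example-corp.com",)            # assumed corporate allow-list
URL_SHORTENERS = ("bit.ly", "tinyurl.com", "t.co")   # assumed shortener list
RISKY_TLDS = (".zip", ".xyz", ".top")                # assumed risky TLDs


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: drops random 16-digit numbers that merely look like cards."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


# (name, regex, severity, optional validator applied to the matched text)
DLP_PATTERNS = [
    ("credit_card", re.compile(r"\b(?:\d[ -]?){12,15}\d\b"), 3,
     lambda m: luhn_ok(re.sub(r"[ -]", "", m))),
    ("us_ssn", re.compile(r"\b\d{3}-\d{2}-\d{4}\b"), 3, None),
    ("aws_access_key", re.compile(r"\bAKIA[0-9A-Z]{16}\b"), 3, None),
    ("email", re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"), 1, None),
]


def json_strings(node):
    """Yield every scalar in a JSON document as text so nested fields get scanned."""
    if isinstance(node, dict):
        for value in node.values():
            yield from json_strings(value)
    elif isinstance(node, list):
        for value in node:
            yield from json_strings(value)
    elif isinstance(node, (str, int, float)) and not isinstance(node, bool):
        yield str(node)


def extract_text(content_type: str, body: bytes) -> str:
    """Normalise a request body to scannable text, keyed on the declared content type."""
    ctype = (content_type or "").split(";")[0].strip().lower()
    raw = body.decode("utf-8", "replace")
    if ctype == "application/x-www-form-urlencoded":
        fields = parse_qs(raw, keep_blank_values=True)   # percent-decodes values
        return "\n".join(v for values in fields.values() for v in values)
    if ctype == "application/json":
        try:
            return "\n".join(json_strings(json.loads(raw)))
        except ValueError:
            pass   # malformed JSON: fall back to scanning the raw text
    return raw


def scan_dlp(text: str):
    """Return [(pattern_name, severity)] for every validated match in the text."""
    findings = []
    for name, pattern, severity, validator in DLP_PATTERNS:
        for match in pattern.finditer(text):
            if validator is None or validator(match.group(0)):
                findings.append((name, severity))
    return findings


def rookie_score(url: str):
    """Destination heuristics; returns (score, reasons) so decisions stay explainable."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    score, reasons = 0, []
    if parts.scheme != "https":
        score, reasons = score + 3, reasons + ["plaintext scheme"]
    try:
        ipaddress.ip_address(host)
        score, reasons = score + 4, reasons + ["raw IP destination"]
    except ValueError:
        pass
    if host in URL_SHORTENERS:
        score, reasons = score + 3, reasons + ["URL shortener"]
    if host.endswith(RISKY_TLDS):
        score, reasons = score + 3, reasons + ["risky TLD"]
    if any(label.startswith("xn--") for label in host.split(".")):
        score, reasons = score + 3, reasons + ["punycode hostname"]
    if any(host == s or host.endswith("." + s) for s in TRUSTED_SUFFIXES):
        score, reasons = max(score - 5, 0), reasons + ["trusted destination"]
    return score, reasons


@dataclass
class Decision:
    action: str          # ALLOW, WARN or BLOCK
    risk: int            # Rookie Score for the destination
    findings: list       # DLP findings as (name, severity)
    reasons: list        # human-readable explanation for the dashboard


def evaluate(url: str, content_type: str, body: bytes) -> Decision:
    """Assumed rule: sensitive data bound for a risky destination is blocked;
    either signal alone only warns; low-severity findings are reported, not acted on."""
    risk, reasons = rookie_score(url)
    findings = scan_dlp(extract_text(content_type, body))
    severity = max((s for _, s in findings), default=0)
    if severity >= 3 and risk >= 3:
        action = "BLOCK"
    elif severity >= 3 or risk >= 3:
        action = "WARN"
    else:
        action = "ALLOW"
    return Decision(action, risk, findings, reasons + [f"{n} detected" for n, _ in findings])


if __name__ == "__main__":
    # Constructed sample: card number (a standard test number) posted over HTTP to a raw IP.
    print(evaluate("http://203.0.113.7/upload", "application/json",
                   b'{"card": "4111 1111 1111 1111"}'))
```

The Luhn validator is the kind of detail that moves a rule from "works" to "usable": the bare regex fires on any 13 to 16 digit run, so an order number or a timestamp to a risky host would otherwise escalate to BLOCK. Returning the reasons alongside the action is what lets the dashboard show why a request was stopped rather than just that it was.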

Challenges We Faced

  • Getting consistent request-body extraction across different content types.
  • Handling URL-encoded form data correctly.
  • Avoiding proxy-loop and timeout issues between addon and Risk Engine.
  • Reducing dashboard noise from background app traffic.
  • Balancing strict security with false positives.

What We Learned

  • Real-time security is mostly a systems-integration challenge, not just model logic.
  • Small implementation details (headers, encoding, process state) strongly affect outcomes.
  • Explainable decisions are critical for trust and demo clarity.
  • Iterative tuning of rules is necessary to move from “works” to “usable.”
