About detection customization

Symantec Data Loss Prevention
provides the Data Loss Prevention Scripting Language to help you customize certain aspects of detection, including custom file type identification and custom validators for Data Identifiers. The topics in this section describe the scripting language, and include syntax, functions, example scripts, and tutorials. You'll also learn how you can use the
Symantec Data Loss Prevention
File Type Analyzer utility to write custom file type identification scripts.
To implement detection customization, you should have general knowledge or experience of programming.
Detection customization features
Customization type
Description
Custom file type identification
Symantec Data Loss Prevention
detects more than 300 file types. However, if the type of file you want to detect is not supported, you can detect it using a custom script. Use the
Symantec Data Loss Prevention
Scripting Language to write a script that detects the binary signature of the particular file format you want to detect.
For a complete list of supported file types, see Overview of detection file format support.
Custom script validators for Data Identifiers
Symantec Data Loss Prevention
provides you with Data Identifiers to detect file contents. Data Identifiers use validation checks to increase match accuracy and reduce false positives.
Symantec Data Loss Prevention
provides more than 150 system-defined Data Identifier validators. In addition, you can use the Data Loss Prevention Scripting Language to write your own custom script validators for Data Identifiers.
For more information about Data Identifiers, see Introducing Data Identifiers.
File Type Analyzer
The
Symantec Data Loss Prevention
File Type Analyzer utility helps you determine the unique bytes of the custom file type you want to detect. You can then use the
Symantec Data Loss Prevention
Scripting Language to accurately identify custom file formats.