About detection customization
Symantec Data Loss Prevention
provides the Data Loss Prevention Scripting Language to help you customize certain aspects of detection, including custom file type identification and custom validators for Data Identifiers. The topics in this section describe the scripting language, and include syntax, functions, example scripts, and tutorials. You'll also learn how you can use the Symantec Data Loss Prevention
File Type Analyzer utility to write custom file type identification scripts.To implement detection customization, you should have general knowledge or experience of programming.
Customization type | Description |
|---|---|
Custom file type identification | Symantec Data Loss Prevention detects more than 300 file types. However, if the type of file you want to detect is not supported, you can detect it using a custom script. Use the Symantec Data Loss Prevention Scripting Language to write a script that detects the binary signature of the particular file format you want to detect.For a complete list of supported file types, see Overview of detection file format support. |
Custom script validators for Data Identifiers | Symantec Data Loss Prevention provides you with Data Identifiers to detect file contents. Data Identifiers use validation checks to increase match accuracy and reduce false positives. Symantec Data Loss Prevention provides more than 150 system-defined Data Identifier validators. In addition, you can use the Data Loss Prevention Scripting Language to write your own custom script validators for Data Identifiers.For more information about Data Identifiers, see Introducing Data Identifiers. |
File Type Analyzer | The Symantec Data Loss Prevention File Type Analyzer utility helps you determine the unique bytes of the custom file type you want to detect. You can then use the Symantec Data Loss Prevention Scripting Language to accurately identify custom file formats. |