Can you use the NDLP to detect whether users are uploading confidential documents to the web based on marks like letter heads and so on? if so how should the necessary data be added to the DLP?
From what i learned from the TAC guys, they don't seem to have a way of doing this. all they can do is to detect the exact document only. and if we want to detect a docuement with alterations then we have to use regex (stupid answer).
and they also asked me to make a request to the mcafee asking them to inlcude my requirement as a feature or something. what disapoints me is that such a requirement is one of the basic needs of DLP and as i know some of the DLPs already have that.
I'm starting to see the same issue extremely disappointing. I agree that partial file detection or partial file match is a basic requirement of DLP. See my post regarding Fingerprinting.