Not a huge deal, but it would be useful if you could choose whether or not the results of a policy rule's individual conditions should contribute to the overall match count of the DLP incident. For example, if I have a policy that looks for a particular protocol AND a single keyword AND a data identifier for an SSN (as an example), a matching message with a single SSN will have a total match count of 3, even though it only had one SSN. If what you really care about is how many SSNs went out, this can throw off your metrics (if you are pulling your metrics from Enforce). This may also affect your severity-based response rules.
What would be nice is having a checkbox option in the rule condition to say "Do not include in incident match count" or something similar.
Rich