I have been asked by a potential customer to investigate integrating the software that I sell with Symantec DLP. My application produces temporary output files during normal operation which need to be scanned. I need to scan those temp files with DLP. If no problem is found, my app would continue normal operation. If there is a problem identified by DLP, then my app would stop its normal processing at that point to avoid sending protected data outside of the client's network. I have roughly 6-12 files which range in size from a few KB up to a couple of GB (though a total size of a few hundred MB is more common). The frequency can vary greatly, but lets say anywhere from 1-15 times/hour for this discussion.
I found a reference to a "Data Discovery API" and "custom scanners" in a DLP overview PDF. However, I have not been able to find any documentation for those features beyond the one summary level PDF. Does DLP offer an API to which I can send data/files for inspection and scanning? If there isn't an API available, does the command line "DoScan.exe" program support scanning designated files (or a directory)? If so, does it return usable success/failure codes? Though my software runs on Linux, I could copy them to a Windows system and scan them there (or have the Windows system scan the files across CIFS from a Samba share on the Linux server, if that is supported).
I did find a post from May 2010 in this forum that stated that the command line approach was a requested feature, but don't see any follow up.
Thanks for your help.