Is there any mechanism to reprocess incidents in the DB after policy updates? This would be an extremely useful feature especailly in the early phase of a DLP deployment. Most customers initially set up DLP and let it run for a while to generate incident data that can be used to fine tune the policies. It would be fantastic if after adding a bunch of an exceptions, the user could kick off a process that would re-evaluate existing incidents against the updated policy and remove those that no longer match due to the changes.
I'm thinking something along the lines of how you do filters in gmail. Once you create one there is an option to apply that filter to existing mail rather then just new incoming mail. This way you can setup a new label and batch move all your mail to the new label based upon a filter. Something like this would save a lot of man hours. Today I see customers litterally just wiping all those early pre-tuned incidents rather then digging through them.