We have policy designed to look for executables that is broken up by size.

We noticed noticed that larger sized executables are not detected.

Although executables cannot be read they still must go through file reader for the file type to be determined.

File reader has a default size limitation of 30 MB, so anything larger than the maximum file size will not be detected.

you can increase the file size of detection by following this guide:

Guidelines for tuning Symantec Data Loss Prevention to scan large files

Please note, increasing file size detection will also increase the resources required for detection.