Help shape the future of Box
Welcome to Box Pulse, our product feedback tool powered by UserVoice. Got an idea for how to improve Box? Share it with us and gather support or vote on other people's ideas. Your feedback is essential to informing roadmap decisions and shaping the future of our products. Thanks for joining our community!
See user guide here.
215 results found
-
Ability to scope Malicious Content Rules by User/Group/Shield Lists
Currently malicious content rules apply to all users. To test moving from an audit/detection-only stance to enforcement, it would be useful to be able to create multiple rules that are scoped to specific users/groups/Shield Lists.
This will allow us to keep most users in an audit/detection-only rule, while we test enforcement with a pilot group in another rule.3 votes -
Better information on Alert Information for Location Detection Rules
Please add the country below the IP on a Shield Alert Email for Allowed countries Detection rules notification. This keeps us from having to log into box to see what country the violation occurred in..
3 votes -
Whitelisting file types in Malicious Content scanning in Box Shield
We are currently seeing a large number of non-malicious files being marked by Deep Scan as malicious, resulting in a lot of false positives. These are files such as .gif or .doc. The primary way to reduce the false positive rate would be to improve Deep Scan's scanning capability. However, I think it would also be beneficial to be able to exclude certain file types that are unlikely to include malware (e.g. .gif) from being scanned.
3 votes -
Block file request via classification / access policy
Currently there is no security control for access policies that allows to block file requests.
We created a classification "external" with the security control "External Collaboration Restriction". However it is still possible that externals upload files to these folders. To us this is also a way of external collaboration. And this also creates the risk of mixing internal and external files in folders that are classified as internal.3 votes -
Encrypt shield downloads
Encrypted downloads of files flagged as malicious so analysts can safely move files to a sandbox for further analysis.
3 votes -
Permanently mark a file as not malicious
We had a user (with Box Drive) who had a file marked as malicious. She apparently made a change to a local copy and added it back to her folder, causing it to be marked as malicious a second time. In fairness, the hash is different, since the file changed. When I looked at the first event, I ran the file through VT, and the results came back as all clean, so I marked it as not malicious. The user was still not able to access the file. I had to go back into Shield, find the second instance, scan…
3 votes -
Enable "Mark file as safe" in API
Provide an API endpoint to release a quarantine file ("Mark file as safe" in GUI) within box shield.
3 votes -
Restrict users to only some Shield label
Currently you can choose which users can put Shield label to contents.
However, this setting is for the whole tenant but I would like to set different types of users to some Shield label that does not apply to all the Shield labels.3 votes -
Trigger rescan for Auto-Classification when adding new classifications
We did not implement Box Shield immediately upon standing up our new environment. After over 1TB of data was uploaded, leadership wanted us to implement new auto-classifications. There is currently no way to force a rescan of all existing documents to apply those new classifications. Going into each folder and copy/pasting, moving, or editing each file is impractical for tens of thousands of uploaded files. Would like a simple way to trigger the rescan without having to engage for a consulting project for box.com to create custom scripts to update the classifications.
3 votes -
Co-Admin permission - Manage Shield Lists
It would be good to be able to delegate the update of Sheild lists so that someone can amend who is in a list without providing access to other shield functions.
For example, a list of people email addresses that can change because external parties that we collaborate change but we want to be able to remove/add people.
3 votes -
classification labeling time lag when item added to a folder with classification
When adding items to a folder with defined classification, there is a time lag (appx. 5 min) to reflect the classification to added items. (we know its 20min for 40K items but still we want to remove the time lag)
During the lag, a user can temporarily operate the items outside the policy defined on its classification.
This seems a critical defect in terms of its security, so please consider to fix the situation.
Thanks,3 votes -
I would like the ability to hide malicious content in BoxShield.
If malicious content is uploaded to Box, we would like the ability to hide the content as well as suppress downloads.
If possible, we would like the content to be hidden automatically.
*For example, if infected with ransomware, we would like to hide the infected file and the file with the threatening message.This is because we want to take action on the administrator's side so as not to worry users.
3 votes -
Box Shield: enable granular controls for Threat Detection anomalous download behavior alerts
Box Shield: enable granular controls for Threat Detection anomalous download behavior alerts.
E.g. alert me when any file larger than xx GB is downloaded.
E.g. alert me when xx% more content is downloaded than normal.
E.g. alert me when xxxx file quantities are downloaded from yyyy folder.
3 votes -
I would like to be able to change from a classification with a strict policy to a classification with a loose policy. The reverse should be
For the purpose of strictly protecting confidential information, we want to make it impossible to change from strict to loose permissions, even for users who have the authority to change classification labels. However, with the current Shield function, it is not possible to set the priority of changeability.
One possible way to achieve this is to allow users to set rankings for classifications or policies, and to limit the direction of the rankings.3 votesNot on the roadmap for FY25, will evaluate for FY26
-
Box Sheild can use some help
It would be great if there was a way to be able to enter notes on an incident. Also to flag an incident as complete and have it removed from the list.
3 votes -
Make available list of countries available for a Shield List
The input fields are not the easiest way to find a value to add to a Shield List. Naming convention is different across systems, so it would be helpful to know the values that are available to be added.
3 votes -
View only ability as admin to view Detection rules, policies, and lists.
Isolate the EDIT SHIELD CONFIGURATION co-admin permission to 2 different permissions:
- View-only detection rules, access policies, lists
- View, Edit, and Create Detection rules, access policies, and lists.
3 votes -
Box Shield inherit classification on move/copy, not only on upload
Box Shield needs to have the ability for files to inherit the classification of the containing folder during a move or copy. Currently, a file will only inherit the classification if it is uploaded to the folder with a certain classification. Example:
File A has a classification of "Confidential" and is moved/copied to a folder that has an "Internal" classification. File A will not automatically inherit the "Internal" permission, and it either needs to be manually changed to "Internal", or have the entire containing folder re-classified as "Internal" so that all containing files then inherit the "Internal" classification.
However, if…
3 votes -
Threat Detection Reporting
My customer would like to get a report of the activities that detection rule is processing to ensure that is actually working. They have one rule (suspicious session) that has not generated any hits and thus they don’t know if it’s actually doing anything or not.
3 votes -
We want the ability for Download policies to also trigger on unusual download activity by external collaborators
We see external collaborators with high download activity using accounts outside of our enterprise (ie: gmail, yahoo?). The business is getting quite frustrated that they cannot report on these email addresses.
3 votesThis is quite complex to implement, we are researching to figure out how best to fix this.
- Don't see your idea?