We are based out of the US but have a few users based out of other countries. As of now, every time they access Box we get an alert for a suspicious login location. We can exclude the entire country, which we do not wish to do or we can exclude a specific IP. It would be great if we could create a IF THEN statement. Example: IF user = *@specificdomain.com AND location=specific country THEN SuspiciousLocationAlert=False.

To summarize, additional configuration of alerts would be very beneficial.

We have a file stored in multiple (hundreds of) locations across our Box enterprise and it regularly gets falsely flagged as malicious. We mark it as safe each time, for each location. It would be nice if there was a way to mark the file as safe for ALL locations in our Box enterprise at once. The file is identical name, size, and hash in each location so marking it as safe once instead of hundreds of times would be very much appreciated.

Will the 'Box Shield Add-on for Splunk' be updated to be compatible with jquery 3.5? Currently Splunk is running upgrade guidance that all apps should be and this seems to be an outlier. This is for version 1.1.1

We should be able to notify a user when the file he just uploaded is detected by shield as corrupted.
The notification could be sent by mail or by notification on the website, depending on the configuration given by the user.

This feature is relly important on a legal base, because each user should have the ability to correct his own mistake.

The Box Shield function is configured to ask for the reason for the invitation when inviting external users.
I would like to see a change in the wording of the pop-up when asking for the reason for the invitation.

[Current]
In conjunction with the pull-down display of the reason for the invitation.
"Remove one user instead and continue" will be displayed.

[Change Requested]
Along with the display of the invitation reason pull-down.
"Remove the user who is preventing the invitation from being invited instead and continue" is displayed.

~~Japanese~~
Box Shieldの機能により外部ユーザー招待時の招待理由を求める設定を行なっている。
招待理由を求める際のポップアップについて文言の変更を希望する。

[現在]
招待理由のプルダウンの表示と合わせて、
"代わりに1名のユーザーを削除して続行する"と表示される

[変更希望]
招待理由のプルダウンの表示と合わせて、
"代わりに招待の妨げとなっているユーザーを招待先から削除して続行する"と表示される

Box Shield: enable granular controls for Threat Detection anomalous download behavior alerts.

E.g. alert me when any file larger than xx GB is downloaded.

E.g. alert me when xx% more content is downloaded than normal.

E.g. alert me when xxxx file quantities are downloaded from yyyy folder.

Send a notification when a classification is changed. When a classification is changed for a piece of sensitive content, there is currently not an alert or notification generated. Reporting capabilities on any changed classification labels are also important.

As a administrator, I would like the ability to turn off certain Access Control Restrictions across all collaborators vs. limiting it to specific collaborator roles.

Example:
Download / Print Restrictions.

we would still like users to leverage the app but, not allow them to download/print to their mobile device. Yes, the app function can be disable enterprise-wide but, we want to limit it to a specific function within the mobile app regardless of their collaborator role.

Include complete incident information with the thread detection email alerts. This will make it easy to share the information with others who do not have access to Box Shield admin portal, and will also eliminate an extra step of logging into admin portal for those receiving and triaging the alerts.
Use case: infosec team receives a Box Shield malicious content alert, identifies it as needing action, and passes it to the endpoint management team for mitigation.

We would like the ability to support Regular Expressions (REGEX) for creating auto-classifications rules in Shield. This would greatly enhance how much we can leverage the capability

Enable automated classification in Box to support optical character recognition (OCR), so Box can extract and consider text embedded in images.

I want to be able to limit the permission on a particular classification label. I have a class label that I want only a specific user group to be able to apply. There is an approval process in place (via Box Relay) for labeling content with the specific class label, and I don't want my users to be able to use that label without going through the approval process or limit it so only the admin group can apply the class label. Thanks!

Current access policy allows for external collaboration with a valid business justification, but we would also like to have the admin or folder owner approve the request to share externally, before the collaboration is sent. The current design doesn't allow for any validation and could potentially lead to content being shared with a restricted audience. Once the exception is approved, the collaboration could be set.

Currently you must select a folder to see if it's classified. A customer of mine would prefer to see that a folder is classified without having to select it.

Allow for user level exclusion for suspicious location alerts. This is helpful in the event that users are traveling across locations and various IP addresses.

Ability to import custom terms from a xls - the ability to import any shield value (ex email domains) from a xls or doc is important because that is how they manage such lists with other applications

Enable option for non-Admins to be notified about Box Shield Threat Detection.

E.g. Owner of folder is also notified. Today, only Co-Admins can get Box Shield Threat Detection notifications.

Only allow specific people to have access to the option to override Box Shield Classifications, rather than "everybody or nobody."