Cloud App Security Administration Guide for Box

Creating Threat Detection Policy Rules

To create a Threat Detection policy rule

  1. In the Rule Name field, enter the name you want to use to identify the rule.
  2. From the Mode dropdown list, select the mode in which you want the DLP policy rule to operate:
  3. In the Scope section, either:
    • Select All users and groups (all licensed users) to have the policy rule either apply to all users.
    • In the Specific users and groups list, select the specific users or user groups to which the policy should apply or be excluded from being applied.
  4. In the Advanced > Security Tools section:
    1. Select All running threat detection tools to use all of the activated Security Tools. (This is on by default.) If you unselect this option, you can then select which specific Security Tools are used.
    2. Click Ok.
  5. In the Advanced > Alerts section:
    1. Select Send Email alert to… to notify specific users sharing the file when a possible threat is detected.
      • Click the gears icon to modify the email message sent to the users.
    2. Select Send email alert to admin(s) about malware to notify administrators when a possible threat is detected.
      • Click the gears icon to modify the email message sent to administrators.
      • Click the users icon to select which administrators should receive the message.
    3. Select Alert recipient to inform the recipient of the message when a possible threat is detected.
      • Click the gears icon to modify the email message sent to the recipient.
  6. Click Save and Apply.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.