Cloud App Security Administration Guide for Box

Viewing and Acting on Security Events

The Security Events table lists all of the security events for your secured cloud applications. You can be filter what is displayed in this in several ways.

Security Events Filters and Descriptions
Security Events FiltersDescription
DateTimeframe during the security events occurred: previous 60 minutes, 24 hours, 7 days, 30 days, or 12 months.
StateState of the security events: these can be new events, remediated events, exceptions, or dismissed events.
TypeSecurity types: DLP, Malware, Malicious, Phishing, Anomaly, Suspicious, Shadow IT, Alert, or Spam.
Severity LevelSeverity level of the security events: Critical, High, Medium, Low, or Lowest.
SaaSAll active cloud applications (Office 365 Emails, Gmail, etc.)
ToolTool that identified the threat (Anti-phishing, DLP, Advanced Threat Protection)
SearchSearch for specific events based on the information available for the events.
Group ActionsTake action on a selection group of security events.

The active filters are displayed above the data listed in the table. Displayed on the far right is the total number of security events that match the filtering criteria.

 

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.