For customizing Threat Detection and Smart Access, Box Shield enables you to create Shield lists, which are lists of locations, domains, applications, host IP addresses, or email addresses that you can later either include in or exclude from your threat detection rules.
The Shield list page shows you the following information about each Shield list:
- List name
- When the list was last modified
- The type of list
- How many items are in the list
- How many rules and policies use the list
You can use Shield lists as an allowlist or denylist when defining detection rules in Threat Detection or restrictions in Smart Access, as shown in the following table:
| List Type | Usage |
|---|---|
| Locations | Detection rules: Suspicious location |
| Domains | Access policies: External collaboration restriction |
| Applications | Access policies: Application restriction |
| IP addresses | Detection rules: Suspicious location |
| Email addresses | Access policies: External collaboration restriction |
Shield List Limits
The following table describes the limits in Shield lists.
| Item | Limit |
|---|---|
| IP addresses | 100,000 |
| Locations | 100,000 |
| Domains | 100,000 |
| Applications | The same # of applications an enterprise can integrate with Box. |
| Email addresses | 15,000 |