Security Policies
24 Active Policies
Configure detection rules and automated responses
Total Policies
24
Active: 18Disabled: 6
+2 new this month
Policies by Action
Block: 8 (33%)
Warn: 12 (50%)
Educate: 3 (13%)
Policy Effectiveness
3 Phishing Attacks
PREVENTED
this month
Triggered:19 times
Success rate:100%
Requiring Attention
High false positive:
2
Not triggered (60d):
3
Expiring exceptions:
5
Top Triggered Policies
Last 30 days
1
Typosquatting Detection
Policy #1
847
triggers
2
OAuth Abuse Prevention
Policy #2
623
triggers
3
Brand Impersonation Block
Policy #3
512
triggers
4
Credential Harvesting Alert
Policy #4
389
triggers
5
Suspicious Download Warning
Policy #5
267
triggers
Triggers Over Time
Last 30 days
12% decrease in risky actions after enforcement
Enforcement Outcomes
Last 30 days
Blocked
487Warned
312Trained
156Training completions up 23% tied to policy enforcement
Risk Categories
Last 30 days
Phishing
797OAuth Abuse
132Shadow IT
136Data Protection
31Downloads
18Policies
| Status | Policy Name | Category | Action | Scope | Mode | Severity | Alerts (30d) | FP Rate | Modified | ||
|---|---|---|---|---|---|---|---|---|---|---|---|
Block Typosquatting Domains Prevents access to domains that closely resemble legitimate company domains | Phishing Detection | Block | All Users | ✓ Enforcing | 🔴Critical | 287 | 🟢2.1% | 2 days ago | |||
Warn on New OAuth Consent Shows warning when users attempt to grant OAuth permissions to new applications | Account Security | Warn | All Users | ✓ Enforcing | 🟠High | 54 | 🟡8.3% | 5 days ago | |||
Detect Personal Dropbox Usage Monitors and logs when employees access personal Dropbox accounts | Shadow IT | Educate | Engineering | 👁️ Monitoring | 🟡Medium | 89 | 🟢4.2% | 1 week ago | |||
Block Recently Registered Domains Blocks access to domains registered within the last 30 days | Phishing Detection | Block | All Users | ✓ Enforcing | 🟠High | 156 | 🔴12.5% | 3 days ago | |||
Monitor Password Entry on Non-HTTPS Logs instances where password fields are detected on non-secure connections | Data Protection | Log Only | All Users | ✓ Enforcing | 🟡Medium | 8 | 🟢0.5% | 2 weeks ago | |||
Expired SSL Certificate Warning Enforcement Warns users when accessing sites with expired SSL certificates | Data Protection | Warn | All Users | ✓ Enforcing | 🟠High | 23 | 🟢3.1% | 4 days ago | |||
Warn on Shadow SaaS Detection Alerts when unapproved SaaS applications are detected | Shadow IT | Warn | Finance | ✓ Enforcing | 🟡Medium | 47 | 🟡6.8% | 1 week ago | |||
ClickFix Attack Prevention Blocks sites attempting ClickFix social engineering attacks | Phishing Detection | Block | All Users | ✓ Enforcing | 🔴Critical | 12 | 🟢1.2% | 3 days ago | |||
Pilot Mode - Executive Phishing Protection Enhanced phishing protection for executive team members | Phishing Detection | Log Only | Executives | 👁️ Monitoring | 🔴Critical | 5 | 🟢0% | 1 day ago | |||
Block Known Phishing Pages OOTB Automatically blocks access to known phishing sites from threat intelligence | Phishing Detection | Block | All Users | ✓ Enforcing | 🔴Critical | 342 | 🟢0.8% | Today | |||
Warn on Risky OAuth Requests OOTB Warning prompt when OAuth requests excessive permissions | Account Security | Warn | All Users | ✓ Enforcing | 🟠High | 78 | 🟡5.2% | Today | |||
Educate on First-Time Risky Behavior OOTB Educational popup for users exhibiting risky behavior for the first time | User Training | Educate | All Users | ✓ Enforcing | 🔵Low | 134 | 🟢0% | Today |
Recommended Policies
Based on detected user behavior patterns
Block QR Code Phishing Pages
Recommended
Critical
We detected 18 users accessing suspicious QR code-based phishing pages in the past 14 days. This policy would have blocked 16 of these attempts.
📊 Would prevent ~94% of QR phishing attempts👥 Affects all users⚡ Est. 0.3% false positive rate
Warn on Credential Entry to New Domains
Recommended
High
6 users have entered credentials on unfamiliar login pages in the past 30 days. Enable warnings for first-time credential submissions.
📊 Targeted at credential theft👥 Affects all users⚡ Est. 4.2% false positive rate
Block Unapproved File Sharing Services
Recommended
Medium
Engineering team has been using 4 different unapproved file sharing services. This policy enforces your approved tools only.
📊 Reduces shadow IT by ~67%👥 Affects Engineering dept⚡ Est. 8.1% false positive rate