Skip to content

Commit f9c7932

Browse files
anastasiaberyozaanastasiaberyoza
authored
Merge branch 'main' into DDOC-1472-Add-MCP-partners
2 parents ffce193 + fd6008a commit f9c7932

File tree

3 files changed

+178
-15
lines changed

3 files changed

+178
-15
lines changed

content/guides/events/event-triggers/shield-alert-events.md

Lines changed: 71 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,7 @@ The possible alerts produced by Shield are for:
2727
2. Suspicious sessions
2828
3. Anomalous downloads
2929
4. Malicious content
30+
5. Ransomware activity (part of Shield Pro)
3031

3132
All Shield threat detection alert events are produced within the
3233
[enterprise event][events] stream. These events follow the
@@ -339,6 +340,76 @@ The `additional_details` payload will provide the following details:
339340
}
340341
```
341342

343+
### Ransomware activity alert
344+
345+
<!--alex ignore-->
346+
347+
A ransomware activity alert is produced when Box Shield identifies suspicious file extensions that may be indicative of a ransomware attack. It can be identified by the Ransomware Activity value within `additional_details.shield_alert.rule_category`.
348+
349+
The `additional_details` payload will provide the following details:
350+
351+
<!--alex enable-->
352+
353+
```json
354+
{
355+
"source": null,
356+
"created_by": {
357+
"type": "user",
358+
"id": "2",
359+
"name": "Unknown User",
360+
"login": ""
361+
},
362+
"action_by": null,
363+
"created_at": "2025-08-19T10:44:26-07:00",
364+
"event_id": "5b508973-0e48-4bc1-80b2-a05b5382eb37",
365+
"event_type": "SHIELD_ALERT",
366+
"ip_address": "1.2.3.4",
367+
"type": "event",
368+
"session_id": null,
369+
"additional_details": {
370+
"shield_alert": {
371+
"rule_category": "Ransomware Activity",
372+
"rule_id": "1234",
373+
"rule_name": "Ransomware Detection",
374+
"rule_response_action": null,
375+
"risk_score": 100,
376+
"alert_summary": {
377+
"total_files_affected": 42,
378+
"ip_details": [
379+
{
380+
"ip": "1.2.3.4",
381+
"registrant": "Microsoft Corporation",
382+
"latitude": "37.5555",
383+
"longitude": "-120.6789",
384+
"city_name": "San Jose",
385+
"region_name": "California",
386+
"country_code": "US"
387+
}
388+
],
389+
"suspicious_file_extensions": [
390+
"lockbit"
391+
],
392+
"anomaly_period": {
393+
"date_range": {
394+
"start_date": "2009-02-13T23:31:30Z",
395+
"end_date": "2009-02-13T23:31:30Z"
396+
}
397+
}
398+
},
399+
"alert_id": 1234,
400+
"priority": "medium",
401+
"user": {
402+
"id": 8167630149,
403+
"name": "Some user",
404+
"email": "[email protected]"
405+
},
406+
"link": "https://app.box.com/master/shield/alerts/1234",
407+
"created_at": "2025-08-19T10:44:26-07:00"
408+
}
409+
}
410+
}
411+
```
412+
342413
<!-- i18n-enable localize-links -->
343414
[box-shield]: https://www.box.com/shield
344415
[threatdetect]:https://support.box.com/hc/en-us/articles/360044196113-Using-Threat-Detection

package.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -56,15 +56,15 @@
5656
"dependencies": {
5757
"@apidevtools/json-schema-ref-parser": "^11.7.2",
5858
"alex": "^11.0.1",
59-
"axios": "^1.7.8",
59+
"axios": "^1.12.0",
6060
"comment-json": "^4.2.5",
6161
"concurrently": "^9.1.0",
6262
"dot-prop": "^9.0.0",
6363
"esm": "^3.2.25",
6464
"fs-extra": "^11.2.0",
6565
"glob": "8.1.0",
6666
"jest": "^29.7.0",
67-
"js-yaml": "^4.1.0",
67+
"js-yaml": "^4.1.1",
6868
"jsonpath": "^1.0.2",
6969
"markdown-spellcheck": "^1.3.1",
7070
"markdownlint-cli": "^0.41.0",

yarn.lock

Lines changed: 105 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -1317,13 +1317,13 @@ asynckit@^0.4.0:
13171317
resolved "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz"
13181318
integrity sha512-Oei9OH4tRh0YqU3GxhX79dM/mwVgvbZJaSNaRk+bshkj0S5cfHcgYakreBjrHwatXKbz+IoIdYLxrKim2MjW0Q==
13191319

1320-
axios@^1.7.8:
1321-
version "1.7.8"
1322-
resolved "https://registry.yarnpkg.com/axios/-/axios-1.7.8.tgz#1997b1496b394c21953e68c14aaa51b7b5de3d6e"
1323-
integrity sha512-Uu0wb7KNqK2t5K+YQyVCLM76prD5sRFjKHbJYCP1J7JFGEQ6nN7HWn9+04LAeiJ3ji54lgS/gZCH1oxyrf1SPw==
1320+
axios@^1.12.0:
1321+
version "1.12.0"
1322+
resolved "https://registry.yarnpkg.com/axios/-/axios-1.12.0.tgz#11248459be05a5ee493485628fa0e4323d0abfc3"
1323+
integrity sha512-oXTDccv8PcfjZmPGlWsPSwtOJCZ/b6W5jAMCNcfwJbCzDckwG0jrYJFaWH1yvivfCXjVzV/SPDEhMB3Q+DSurg==
13241324
dependencies:
13251325
follow-redirects "^1.15.6"
1326-
form-data "^4.0.0"
1326+
form-data "^4.0.4"
13271327
proxy-from-env "^1.1.0"
13281328

13291329
babel-jest@^29.7.0:
@@ -1495,6 +1495,14 @@ cacheable-request@^10.2.8:
14951495
normalize-url "^8.0.0"
14961496
responselike "^3.0.0"
14971497

1498+
call-bind-apply-helpers@^1.0.1, call-bind-apply-helpers@^1.0.2:
1499+
version "1.0.2"
1500+
resolved "https://registry.yarnpkg.com/call-bind-apply-helpers/-/call-bind-apply-helpers-1.0.2.tgz#4b5428c222be985d79c3d82657479dbe0b59b2d6"
1501+
integrity sha512-Sp1ablJ0ivDkSzjcaJdxEunN5/XvksFJ2sMBFfq6x0ryhQV/2b/KwFe21cMpmHtPOSij8K99/wSfoEuTObmuMQ==
1502+
dependencies:
1503+
es-errors "^1.3.0"
1504+
function-bind "^1.1.2"
1505+
14981506
callsites@^3.0.0:
14991507
version "3.1.0"
15001508
resolved "https://registry.npmjs.org/callsites/-/callsites-3.1.0.tgz"
@@ -1967,6 +1975,15 @@ dot-prop@^9.0.0:
19671975
dependencies:
19681976
type-fest "^4.18.2"
19691977

1978+
dunder-proto@^1.0.1:
1979+
version "1.0.1"
1980+
resolved "https://registry.yarnpkg.com/dunder-proto/-/dunder-proto-1.0.1.tgz#d7ae667e1dc83482f8b70fd0f6eefc50da30f58a"
1981+
integrity sha512-KIN/nDJBQRcXw0MLVhZE9iQHmG68qAVIBg9CqmUYjmQIhgij9U5MFvrqkUL5FbtyyzZuOeOt0zdeRe4UY7ct+A==
1982+
dependencies:
1983+
call-bind-apply-helpers "^1.0.1"
1984+
es-errors "^1.3.0"
1985+
gopd "^1.2.0"
1986+
19701987
duplexer@~0.1.1:
19711988
version "0.1.2"
19721989
resolved "https://registry.npmjs.org/duplexer/-/duplexer-0.1.2.tgz"
@@ -2021,6 +2038,33 @@ error-ex@^1.3.1, error-ex@^1.3.2:
20212038
dependencies:
20222039
is-arrayish "^0.2.1"
20232040

2041+
es-define-property@^1.0.1:
2042+
version "1.0.1"
2043+
resolved "https://registry.yarnpkg.com/es-define-property/-/es-define-property-1.0.1.tgz#983eb2f9a6724e9303f61addf011c72e09e0b0fa"
2044+
integrity sha512-e3nRfgfUZ4rNGL232gUgX06QNyyez04KdjFrF+LTRoOXmrOgFKDg4BCdsjW8EnT69eqdYGmRpJwiPVYNrCaW3g==
2045+
2046+
es-errors@^1.3.0:
2047+
version "1.3.0"
2048+
resolved "https://registry.yarnpkg.com/es-errors/-/es-errors-1.3.0.tgz#05f75a25dab98e4fb1dcd5e1472c0546d5057c8f"
2049+
integrity sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==
2050+
2051+
es-object-atoms@^1.0.0, es-object-atoms@^1.1.1:
2052+
version "1.1.1"
2053+
resolved "https://registry.yarnpkg.com/es-object-atoms/-/es-object-atoms-1.1.1.tgz#1c4f2c4837327597ce69d2ca190a7fdd172338c1"
2054+
integrity sha512-FGgH2h8zKNim9ljj7dankFPcICIK9Cp5bm+c2gQSYePhpaG5+esrLODihIorn+Pe6FGJzWhXQotPv73jTaldXA==
2055+
dependencies:
2056+
es-errors "^1.3.0"
2057+
2058+
es-set-tostringtag@^2.1.0:
2059+
version "2.1.0"
2060+
resolved "https://registry.yarnpkg.com/es-set-tostringtag/-/es-set-tostringtag-2.1.0.tgz#f31dbbe0c183b00a6d26eb6325c810c0fd18bd4d"
2061+
integrity sha512-j6vWzfrGVfyXxge+O0x5sh6cvxAog0a/4Rdd2K36zCMV5eJ+/+tOAngRO8cODMNWbVRdVlmGZQL2YS3yR8bIUA==
2062+
dependencies:
2063+
es-errors "^1.3.0"
2064+
get-intrinsic "^1.2.6"
2065+
has-tostringtag "^1.0.2"
2066+
hasown "^2.0.2"
2067+
20242068
escalade@^3.1.1:
20252069
version "3.1.1"
20262070
resolved "https://registry.npmjs.org/escalade/-/escalade-3.1.1.tgz"
@@ -2256,13 +2300,15 @@ form-data-encoder@^2.1.2:
22562300
resolved "https://registry.yarnpkg.com/form-data-encoder/-/form-data-encoder-2.1.4.tgz#261ea35d2a70d48d30ec7a9603130fa5515e9cd5"
22572301
integrity sha512-yDYSgNMraqvnxiEXO4hi88+YZxaHC6QKzb5N84iRCTDeRO7ZALpir/lVmf/uXUhnwUr2O4HU8s/n6x+yNjQkHw==
22582302

2259-
form-data@^4.0.0:
2260-
version "4.0.1"
2261-
resolved "https://registry.yarnpkg.com/form-data/-/form-data-4.0.1.tgz#ba1076daaaa5bfd7e99c1a6cb02aa0a5cff90d48"
2262-
integrity sha512-tzN8e4TX8+kkxGPK8D5u0FNmjPUjw3lwC9lSLxxoB/+GtsJG91CO8bSWy73APlgAZzZbXEYZJuxjkHH2w+Ezhw==
2303+
form-data@^4.0.4:
2304+
version "4.0.4"
2305+
resolved "https://registry.yarnpkg.com/form-data/-/form-data-4.0.4.tgz#784cdcce0669a9d68e94d11ac4eea98088edd2c4"
2306+
integrity sha512-KrGhL9Q4zjj0kiUt5OO4Mr/A/jlI2jDYs5eHBpYHPcBEVSiipAvn2Ko2HnPe20rmcuuvMHNdZFp+4IlGTMF0Ow==
22632307
dependencies:
22642308
asynckit "^0.4.0"
22652309
combined-stream "^1.0.8"
2310+
es-set-tostringtag "^2.1.0"
2311+
hasown "^2.0.2"
22662312
mime-types "^2.1.12"
22672313

22682314
format@^0.2.0:
@@ -2309,11 +2355,35 @@ get-caller-file@^2.0.5:
23092355
resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-2.0.5.tgz#4f94412a82db32f36e3b0b9741f8a97feb031f7e"
23102356
integrity sha512-DyFP3BM/3YHTQOCUL/w0OZHR0lpKeGrxotcHWcqNEdnltqFwXVfhEBQ94eIo34AfQpo0rGki4cyIiftY06h2Fg==
23112357

2358+
get-intrinsic@^1.2.6:
2359+
version "1.3.0"
2360+
resolved "https://registry.yarnpkg.com/get-intrinsic/-/get-intrinsic-1.3.0.tgz#743f0e3b6964a93a5491ed1bffaae054d7f98d01"
2361+
integrity sha512-9fSjSaos/fRIVIp+xSJlE6lfwhES7LNtKaCBIamHsjr2na1BiABJPo0mOjjz8GJDURarmCPGqaiVg5mfjb98CQ==
2362+
dependencies:
2363+
call-bind-apply-helpers "^1.0.2"
2364+
es-define-property "^1.0.1"
2365+
es-errors "^1.3.0"
2366+
es-object-atoms "^1.1.1"
2367+
function-bind "^1.1.2"
2368+
get-proto "^1.0.1"
2369+
gopd "^1.2.0"
2370+
has-symbols "^1.1.0"
2371+
hasown "^2.0.2"
2372+
math-intrinsics "^1.1.0"
2373+
23122374
get-package-type@^0.1.0:
23132375
version "0.1.0"
23142376
resolved "https://registry.npmjs.org/get-package-type/-/get-package-type-0.1.0.tgz"
23152377
integrity sha512-pjzuKtY64GYfWizNAJ0fr9VqttZkNiK2iS430LtIHzjBEr6bX8Am2zm4sW4Ro5wjWW5cAlRL1qAMTcXbjNAO2Q==
23162378

2379+
get-proto@^1.0.1:
2380+
version "1.0.1"
2381+
resolved "https://registry.yarnpkg.com/get-proto/-/get-proto-1.0.1.tgz#150b3f2743869ef3e851ec0c49d15b1d14d00ee1"
2382+
integrity sha512-sTSfBjoXBp89JvIKIefqw7U2CCebsc74kiY6awiGogKtoSGbgjYE/G/+l9sF3MWFPNc9IcoOC4ODfKHfxFmp0g==
2383+
dependencies:
2384+
dunder-proto "^1.0.1"
2385+
es-object-atoms "^1.0.0"
2386+
23172387
get-stdin@~9.0.0:
23182388
version "9.0.0"
23192389
resolved "https://registry.yarnpkg.com/get-stdin/-/get-stdin-9.0.0.tgz#3983ff82e03d56f1b2ea0d3e60325f39d703a575"
@@ -2400,6 +2470,11 @@ globby@^6.1.0:
24002470
pify "^2.0.0"
24012471
pinkie-promise "^2.0.0"
24022472

2473+
gopd@^1.2.0:
2474+
version "1.2.0"
2475+
resolved "https://registry.yarnpkg.com/gopd/-/gopd-1.2.0.tgz#89f56b8217bdbc8802bd299df6d7f1081d7e51a1"
2476+
integrity sha512-ZUKRh6/kUFoAiTAtTYPZJ3hw9wNxx+BIBOijnlG9PnrJsCcSjs1wyyD6vJpaYtgnzDrKYRSqf3OO6Rfa93xsRg==
2477+
24032478
got@^12.1.0:
24042479
version "12.6.1"
24052480
resolved "https://registry.yarnpkg.com/got/-/got-12.6.1.tgz#8869560d1383353204b5a9435f782df9c091f549"
@@ -2454,6 +2529,18 @@ has-own-prop@^2.0.0:
24542529
resolved "https://registry.npmjs.org/has-own-prop/-/has-own-prop-2.0.0.tgz"
24552530
integrity sha512-Pq0h+hvsVm6dDEa8x82GnLSYHOzNDt7f0ddFa3FqcQlgzEiptPqL+XrOJNavjOzSYiYWIrgeVYYgGlLmnxwilQ==
24562531

2532+
has-symbols@^1.0.3, has-symbols@^1.1.0:
2533+
version "1.1.0"
2534+
resolved "https://registry.yarnpkg.com/has-symbols/-/has-symbols-1.1.0.tgz#fc9c6a783a084951d0b971fe1018de813707a338"
2535+
integrity sha512-1cDNdwJ2Jaohmb3sg4OmKaMBwuC48sYni5HUw2DvsC8LjGTLK9h+eb1X6RyuOHe4hT0ULCW68iomhjUoKUqlPQ==
2536+
2537+
has-tostringtag@^1.0.2:
2538+
version "1.0.2"
2539+
resolved "https://registry.yarnpkg.com/has-tostringtag/-/has-tostringtag-1.0.2.tgz#2cdc42d40bef2e5b4eeab7c01a73c54ce7ab5abc"
2540+
integrity sha512-NqADB8VjPFLM2V0VvHUewwwsw0ZWBaIdgo+ieHtK3hasLz4qeCRjYcqfB6AQrBggRKppKF8L52/VqdVsO47Dlw==
2541+
dependencies:
2542+
has-symbols "^1.0.3"
2543+
24572544
has-yarn@^3.0.0:
24582545
version "3.0.0"
24592546
resolved "https://registry.yarnpkg.com/has-yarn/-/has-yarn-3.0.0.tgz#c3c21e559730d1d3b57e28af1f30d06fac38147d"
@@ -3275,10 +3362,10 @@ js-yaml@^3.10.0, js-yaml@^3.13.1:
32753362
argparse "^1.0.7"
32763363
esprima "^4.0.0"
32773364

3278-
js-yaml@^4.1.0:
3279-
version "4.1.0"
3280-
resolved "https://registry.npmjs.org/js-yaml/-/js-yaml-4.1.0.tgz"
3281-
integrity sha512-wpxZs9NoxZaJESJGIZTyDEaYpl0FKSA+FB9aJiyemKhMwkxQg63h4T1KJgUGHpTqPDNRcmmYLugrRjJlBtWvRA==
3365+
js-yaml@^4.1.0, js-yaml@^4.1.1:
3366+
version "4.1.1"
3367+
resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.1.tgz#854c292467705b699476e1a2decc0c8a3458806b"
3368+
integrity sha512-qQKT4zQxXl8lLwBtHMWwaTcGfFOZviOJet3Oy/xmGk2gZH677CJM9EvtfdSkgWcATZhj/55JZ0rmy3myCT5lsA==
32823369
dependencies:
32833370
argparse "^2.0.1"
32843371

@@ -3561,6 +3648,11 @@ marked@^0.3.5:
35613648
resolved "https://registry.npmjs.org/marked/-/marked-0.3.19.tgz"
35623649
integrity sha512-ea2eGWOqNxPcXv8dyERdSr/6FmzvWwzjMxpfGB/sbMccXoct+xY+YukPD+QTUZwyvK7BZwcr4m21WBOW41pAkg==
35633650

3651+
math-intrinsics@^1.1.0:
3652+
version "1.1.0"
3653+
resolved "https://registry.yarnpkg.com/math-intrinsics/-/math-intrinsics-1.1.0.tgz#a0dd74be81e2aa5c2f27e65ce283605ee4e2b7f9"
3654+
integrity sha512-/IXtbwEk5HTPyEwyKX6hGkYXxM9nbj64B+ilVJnC/R6B0pH5G4V3b0pVbL7DBj4tkhBAppbQUlf6F6Xl9LHu1g==
3655+
35643656
mdast-comment-marker@^2.0.0:
35653657
version "2.1.2"
35663658
resolved "https://registry.yarnpkg.com/mdast-comment-marker/-/mdast-comment-marker-2.1.2.tgz#48ae16a49574bb22b489d04365ca3b1b5173f0da"

0 commit comments

Comments
 (0)