Dropbox is a data storage and file sharing platform. Cisco Cloudlock enables users to use policies to monitor content and user activity in their Dropbox environments. For prerequisites and installation steps see Dropbox Quick Start Setup Guide.


Cisco Cloudlock monitors Dropbox in the following policies:

Data Loss Prevention (DLP)

User Events and Behavior Analytics (UEBA)

  • Build Your Own: Event Analysis

See UEBA for more information and a complete list of Dropbox Events

Response Actions

In addition to the Global Response Actions available in all platforms, Dropbox also has two unique Response Actions:

Quarantine Users files

Moves the file to a Quarantine folder only accessible to the Dropbox admins.

Revoke File Share

Revokes access to all users (except the owner) and expires any file share URL.

Incident Examples

Context Only Policy Incident

Context Only Policy Incident

Predefined Policy Incident

Predefined Policy Incident

Events Analysis Policy Incident

Events Analysis Policy Incident

Viewing an Object

For a DLP incident, you can click View Object in the uppermost right corner to view the file that violated the policy.

Cloudlock with open the file as a "snapshot" with "view only" access.

Am I added as a collaborator?

Because you are only viewing a snapshot of the file with only viewing access, Dropbox does not add you as a collaborator to the document.


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.