Feature Request

We have a customer with a unique use case where the default action is block everything and you must be part of a group that a policy applies to in order for things to be allowed. As a result, there is obviously a lot of people that think they should have access to stuff so there is a flood of reports that comes in as a result, I've checked and there seems to be no function that allows for different message templates to apply to different policies, nor is there options in the templates to remove users abilities to report via the platform. Perhaps this is a niche need but such flexibility could be nice to cut down on noise from people who they do not even intend to be able to get to anything other than what is explicitly allowed per policy.

So while DefensX seems to report on browser extensions present, It'd be nice if it had the means to have policies that enabled us to block all extensions except for the defined allowed extensions with the option to have it remove all additional extensions that aren't defined as allowed.

Allow an option to customize the title of the external notifications for user requests. It may be good to set by partner level that affects all the customers or just setting it per customer.

So, as we have customers becoming more interested in CoPilot AI protections, Most of our deployments are based on logon user and the users are all domain users. CoPilot AI Protections require the Entra integration be set up and the users be signed into their DefensX via IAM user. We do LogonUser deployments because it is the least invasive for the customers and doesn't just block all access until auth can be had, that being said. There does not seem to be a way in the platform that you can based on the user have it require specific authentication methods, we can have different deployments or on individual devices override auth options, but we cannot have DefensX based on the AD user signing into a machine require them to sign in using IAM so it follows them to any machine they use in the event they use other devices Sounds silly perhaps but it's not worth it to the customer to have the disruption of requiring 200+ devices to have to authenticate via IAM instead of logon user. Allowing the entire organization to auth to IAM is one thing but just because it's an option doesn't mean they'll do it, thinking with a zero trust mindset, don't ask people not to do it, take away their ability to do it and force them to be required to do IAM auth so you can ensure things are being done the way you want/need.

Categories should have a tooltip/icon or documentation page or both with brief explanations and/or examples of what's included of each category. In particular some questions I had to ask support to get clarified: Social Media in General does not include social networks like Facebook that already have their own category, so you need to select both. I assume this applies to all the 'in general' categories and I suggested they be renamed to Social Media Other or Misc. to better communicate that. Newly Registered Domains - how new is new? (30 days) What's an Unsupported URL? (invalid/not real addresses/ip's)

Ability to whitelist extensions.

We have multiple firewalls and such that we have added to our allowed URL list and would like a way to rename/add a note to the corresponding IP addresses for better "bookkeeping" purposes. That way when we are auditing our allowed list, we can easily see what the IP addresses are associated with.

Integration between DefensX backend and Autotask PSA to transfer any helpful information, including tickets, usage, etc.

Integration between DefensX backend and Ninja RMM to transfer any useful information including tickets, usage, etc.

Similar to the browser printer or screenshot protection, use OS level integrations to pick up on clipboard activity and allow for monitoring of pasting outside of the browser process, or possibly clearing the clipboard proactively. Similar to mobile MDM enforcement.