Box Shield is Box’s set of content security controls and advanced threat detection capabilities that is generally available this month. The controls are built natively into Box and designed to help prevent data leakage, potential access misuse and other threats, according to the company.
“With the intended Splunk for Box Shield integration, security teams should be able to enjoy the benefits of Splunk’s cloud-based monitoring and the ability to investigate several security incidents such as data exfiltration, insider threats and anomalous behavior. To defend against increasingly sophisticated risks, organizations need a best-in-class security stack that works well together,” said Tim Tully, SVP and CTO of Splunk.
The integration aims to help enterprises to more efficiently monitor Box Shield alerts that will allow security teams to streamline Box Shield alerts in addition to all cloud and on premise applications. Security analysts can also gain deeper insights into user behavior using Box.
In addition, security analysts can start from a Box Shield alert and pivot into user behavior across other applications to identify potential insider threats. Security teams may be able to automate response actions directly in Box using Splunk Phantom, a security orchestration, automation and response platform designed to help scale security operations.