Last year at BoxWorks, we announced that Box and Splunk are partnering to power automated threat detection and response in the enterprise. We're excited to announce that the Box Shield Add-on for Splunk is now available for all Box Shield customers!
“With the Box Shield for Splunk integration, security teams can enjoy the benefits of Splunk’s cloud-based monitoring and the ability to investigate several security incidents such as data exfiltration, insider threats, and anomalous behavior," says Tim Tully, SVP and CTO at Splunk. "To defend against increasingly sophisticated risks, organizations need a best-in-class security stack that works well together.”
Intelligent, context-aware threat detection
Released last October, Box Shield is our built-in security offering that helps organizations prevent data leakage and detect potential threats. Powered by Box's machine learning and unique context, Shield generates alerts that may indicate data leakage resulting from negligent user actions, or malicious threats.
What are the benefits of the Box Shield Add-on for Splunk for joint customers?
- Time saved - starting with the pre-built integration means less custom work for IT and security teams, and shorter time to monitoring all your Shield alerts in Splunk.
- Deeper visibility and insights - by adding Box Shield to Splunk, your security team gains a new level of depth into activity and content access patterns in Box, including suspicious behavior and changes to security classifications.
- Ease of analysis - from Splunk, analysts can more efficiently evaluate Shield alerts alongside data from other applications, and alsolaunch directly into the Shield alert page for more detail.
Connecting a best-in-class security stack
Here at Box, our internal security team has already seen the benefits of using Box Shield and Splunk together, surfacing new and meaningful alerts while maintaining a unified view of data across our applications and network.
"We are all in this journey towards frictionless security and compliance,"says Lakshmi Hanspal, CISO at Box. "The advantage will go to those who are consolidating their content, securing it with built-in controls, and maintaining a 'single-pane-of-glass' view of risks to their highly valued information."
This is just onenext step in the Box + Splunk partnership, and we're excited by the potential to further help security teams improve efficiency and automate response actions. Stay tuned for more to come!