Box Shield, Box’s content security product, now integrates with Splunk to offer more holistic content and application security, the companies announced.
Box Shield, introduced last year, gives Box users natively-integrated threat detection and security controls to protect their content. The integration with Splunk’s security and compliance capabilities should help organizations get a better understanding of how potential threats to their content relate to security risks across other applications.
The integration, first announced a few months ago, provides for a “far richer view for security analysis,” Box CPO Jeetu Patel said to ZDNet.
For instance, he explained, if Box Shield detects anomalous activity, such as someone excessively downloading content within Box, the integration with Splunk infrastructure can correlate that activity with unusual activity within other apps. If a Box account has been compromised along with the user’s accounts in other apps, the integration should provide for a more streamlined response.
With the new integration, security teams can use the Splunk app to monitor Box Shield alerts, and they can use the app to launch directly into Box Shield for deeper insights. With Splunk Phantom, security teams can automate response actions directly in Box.
Patel said Box has seen high customer demand for the integration. “Our customers are investing a pretty fair amount of dollars in the security ecosystem,” he said.
The companies work well together, he continued, because they share a philosophy of supporting a best-of-breed ecosystem of providers. “We are specialists in providing centralized content controls, Splunk specializes in cross-application and centralized monitoring,” he said.