2019 Press Releases

October 04, 2019

Box and Splunk to Power Automated Threat Detection and Response in the Enterprise

Box, Inc. a leader in Cloud Content Management, today announced a commitment to build a new integration between Splunk and Box Shield, Box’s advanced set of content security controls and intelligent threat detection capabilities. Built natively into Box, Box Shield helps prevent data leakage, detects potential access misuse, and proactively identifies threats.

"As organizations move sensitive content to the cloud, the need to protect against data leakage from negligent user behavior and malicious insider threats is greater than ever,” says Jeetu Patel, Chief Product Officer at Box. “Box Shield helps make working in the cloud both secure and frictionless, providing simple guardrails for collaboration on sensitive content and identifying potential threats or misuse in real time. Splunk’s world-class data and analytics capabilities are a perfect match for Box Shield, and will help our joint customers mitigate risk, reduce threat response times, and improve compliance."

“Some of the biggest challenges that companies face today are the growing number of security solutions and the volume of attacks across an expanding surface area,” said Tim Tully, SVP and CTO, Splunk. “With the intended Splunk for Box Shield integration, security teams should be able to enjoy the benefits of Splunk’s cloud-based monitoring and the ability to investigate several security incidents such as data exfiltration, insider threats and anomalous behavior. To defend against increasingly sophisticated risks, organizations need a best-in-class security stack that works well together.”

The Box and Splunk integration is expected to help enterprises:

  • More efficiently monitor Box Shield alerts: Using the pre-built Splunk app, security teams may be able to streamline the consumption of Box Shield alerts in addition to all cloud and on-premise applications.

  • Gain deeper visibility into content access patterns: Box Shield prevents and identifies early signs of potential leakage of sensitive content. While reviewing Box Shield alerts in Splunk, security analysts may be able to launch directly into Box Shield to gain deeper insights into user behavior within Box.

  • Streamline response to content access anomalies: Security analysts can start from a Box Shield alert and pivot into user behavior across other applications to identify potential insider threats. With Splunk® Phantom, security teams may be able to automate response actions directly in Box.