AT&T Cybersecurity develops new AlienApp for Box for highly secure content management in the cloud

April 25, 2019 | Julia Kisielius

Today, I’m excited to share that we have released AlienApp for Box, a new security integration between AT&T Cybersecurity and Box, a leader in cloud content management. This new feature within USM Anywhere takes advantage of Box's granular logging capabilities and powerful APIs to add an additional layer of security for Box Enterprise customers that enables you to monitor your Box environments for potential threats and malicious activities. With the AlienApp for Box, you can enhance the detection of threats to data stored in Box and respond quickly with incident response orchestration between AlienVault USM Anywhere and Box. In addition to delivering AlienApp for Box, we have joined the Box Technology Partner Program to provide our joint customers security insights specific to Box Enterprise accounts.

“Box is committed to bringing secure, centralized cloud content management solutions to its customers,” said Niall Wall, SVP, Partners at Box. “We are excited to deepen our relationship with AT&T, who is already a reseller of Box, through this new AlienApp integration. Together, Box and AT&T Cybersecurity will provide a deeper level of threat detection controls to protect an enterprise's most valuable information.”

Let’s take a closer look at how the AlienApp for Box in AlienVault USM Anywhere enhances how you detect and respond to threats against your Box Enterprise environments.

Monitor Box Along with Other Critical Assets in Your Cloud and On-Premises Environments

With the AlienApp for Box, you can monitor your Box Enterprise environments within the same pane of glass as the rest of your critical IT assets in the cloud and on premises. AlienVault USM Anywhere centralizes security monitoring across SaaS apps, public cloud and on-premises environments, and remote locations. This can reduce the number of security dashboards you need to monitor, helping to streamline security and compliance.

After you configure the AlienApp for Box, AlienVault USM Anywhere begins to automatically collect and analyze data from your Box environment, including authentication events, user profile updates, user state changes, application and group assignment, and other changes to your Box Enterprise account. AlienVault USM Anywhere presents this information as security events and provides a dashboard of Box events.

box screenshot 1

Automatically Detect Threats Against Your Data Stored in Box

AlienVault USM Anywhere works to automatically detect threats and suspicious activities against your Box Enterprise environment using integrated threat intelligence from AT&T Alien Labs. Expert security researchers on the AT&T Alien Labs team deliver continuous threat intelligence updates to AlienVault USM Anywhere, enabling resilient threat detection even as your infrastructure evolves and attackers change their approaches.

As part of the threat intelligence subscription in AlienVault USM Anywhere, AT&T Alien Labs provides Box-specific correlation rules to help you automatically detect threats against your Box Enterprise environments, for example:

  • Password spraying against Box
  • Successful brute force authentication attacks
  • Ransomware and other malware infections
  • Data exfiltration or sharing with a known malicious host
  • Anomalous user activities that could indicate an attack

By utilizing the threat intelligence from AT&T Alien Labs for automated threat detection, you can focus your security resources on responding to actual threats.

box screenshot 2

Box integration as AlienApp

Respond to Threats Quickly with Automation and Orchestration

When AlienVault USM Anywhere alerts you to a potential threat against your Box Enterprise environments, you can respond by creating an automated or manual response action that sends a command to Box. Response actions in AlienVault USM Anywhere help you to:

  • Streamline investigation activities by creating new tasks within Box
  • Mitigate the scope of an attack by deactivating a Box account
  • Reduce manual work by automating low-level response tasks

Incident response orchestration in AlienVault USM Anywhere helps you respond to threats quickly and effectively, without having to work across multiple applications.

response action screenshot 4

screenshot 5

Try AlienVault USM Anywhere for yourself and explore the AlienApp for Box in our online demo environment today.

Julia Kisielius

About the Author: Julia Kisielius, AlienVault

Julia joined AlienVault as a Product Marketing Manager in February 2017. Previously, she was a product manager at Giving Docs, an early-stage startup that makes fundraising software for nonprofits. Before that, she worked on data products and processes to help Tufts University fundraisers raise more than $80M per year. Julia started her career at an asset management firm with $200M under management, where she researched, edited, fact-checked, and promoted financial literacy resources such as books and columns. She graduated from the University of Connecticut with a B.A. in English.

Read more posts from Julia Kisielius ›

TAGS:

‹ BACK TO ALL BLOGS

Get the latest security news in your inbox.

Subscribe via Email

Watch a Demo ›
Get Price Free Trial