The AlienApp for Box provides deep security monitoring for your Box activities, helping you safeguard content management and file sharing through early threat detection and rapid response. It enhances the threat detection capabilities of USM Anywhere by collecting and analyzing data from your Box Enterprise account. After successfully configured, the AlienApp for Box does the following:
- The AlienApp for Box queries the Box API every 20 minutes for information, such as authentication events, user account updates, malware and ransomware infections, application and file activities, and Box platform changes. USM Anywhere then parses the data and displays them as events in the UI.
- The out-of-the-box correlation rules for Box events, provided by the AlienApp for Box, enable USM Anywhere to automatically create alarmsAlarms provide notification of an event or sequence of events that require attention or investigation., notifying you about suspicious activity in your Box environment.
- USM Anywhere includes a predefined dashboard that provides an overview of Box activity so that you have quick visibility to streamline your investigation and incident response processes.
- The AlienApp for Box also provides advanced security orchestration to launch or automate user-initiated actions against threats detected in your Box environment.
Warning: If the AlienApp fails and you receive a message to inform you that it has not been loaded, please contact the AT&T Cybersecurity Technical Support department to solve the problem.