The BlueApp for Box provides deep security monitoring for your Box activities, helping you safeguard content management and file sharing through early threat detection and rapid response. It enhances the threat detection capabilities of USM Anywhere by collecting and analyzing data from your Box Enterprise account. After successfully configured, the BlueApp for Box does the following:

• The BlueApp for Box queries the Box API every 20 minutes for information, such as authentication events, user account updates, malware and ransomware infections, application and file activities, and Box platform changes. USM Anywhere then parses the data and displays them as events in the user interface (UI).
• The out-of-the-box correlation rules for Box events, provided by the BlueApp for Box, enable USM Anywhere to automatically create alarms Alarms provide notification of an event or sequence of events that require attention or investigation., notifying you about suspicious activity in your Box environment.
• USM Anywhere includes a predefined dashboard that provides an overview of Box activity so that you have quick visibility to streamline your investigation and incident response processes.
• The BlueApp for Box also provides advanced security orchestration to launch or automate user-initiated actions against threats detected in your Box environment.

This topic discusses these subtopics: