Box

Monitor access and sharing of Box content

Request a DemoRead the Docs

App Info

Monitor Box logs to gain complete visibility into content management and file sharing with Panther’s Box integration.

Box offers a single place to manage, secure, share and govern content for your internal and external collaboration and processes. Panther can collect, normalize, and monitor Box logs to help you identify suspicious activity in real time. Your normalized data is then retained to power future security investigations in a serverless data lake powered by AWS or the cloud-native data platform, Snowflake.

Use Panther’s built in rules to monitor activity, or write your own detections in Python to fit your internal business use cases.

Use Cases

Common security use cases for Box with Panther include:

  • Analyze events over a specified time range
  • Monitor admin actions, failed and successful logins, and user activities to your applications
  • Ensure data is not being improperly shared or accessed

How it Works

The integration is simple and fast:

  • Integrate Box to Panther as a data source by creating a new Box app
  • Panther parses, normalizes, and analyzes your log data in real-time
  • As rules are triggered, alerts are sent to your configured destinations
  • Normalized logs can be searched from Panther’s Data Explorer (Enterprise only)
  • Sit back and monitor your activity!

Learn more about Panther's supported log schema for Box.