DropBox

DropBox is a cloud-based file synchronization and storage platform that enables individuals and organizations to securely save, sync, and share files across various devices (PCs, smartphones, and web browsers). The system is widely recognized for simplifying collaboration on documents and data, making it a cornerstone for modern digital workspaces.

Key Features:

• Synchronization: Files are automatically and seamlessly updated across all connected devices.

• Storage: It provides a centralized storage solution, reducing reliance on local device storage.

• Collaboration: It facilitates joint work on files and folders, allowing for controlled sharing with defined permissions.

• Security and Backup: Features include version history and file recovery, serving as an effective backup solution for both business and personal data.

To enable external monitoring via API, the customer must configure the necessary access credentials within the DropBox Administration Panel. This is how to retrieve the required API details:

1. Access Admin Console: Log in to the DropBox website using an Administrator account.

2. Navigate to Settings: Go to the Admin Console.

3. Generate API Token/App: Navigate to Settings $\rightarrow$ Security (or App Center / API Access Management). The customer needs to create a new application or service account specifically for the SIEM integration.

4. Grant Permissions (Scopes): When generating the token, ensure the permissions team_info.read and events.read (or equivalent full team activity log access) are granted.

5. Obtain Credentials: The customer must securely record the generated API Token or Client ID / Client Secret pair. This is the critical information required for the ArcSight Connector configuration.

❗ Note: This token acts as a master key for all organization activities. It must be stored securely and handled according to internal security policies.

DropBox admin user

Json parser

• Audit rules

• File Operations