Introduction to Nightfall Audit
A Nightfall Audit enables you to assess your organization's security posture and safeguard sensitive data. By identifying and addressing security vulnerabilities, Nightfall audits help prevent data leaks and ensure compliance with standards such as HIPAA, PCI DSS, and more. They also allow for a thorough evaluation of security policies within your organization.
Unlike real-time scanning, Nightfall audits focus on historic data scans, allowing you to examine stored data across various cloud environments. You can define a historical date range and apply filters to customize the scope, ensuring precise and efficient data analysis.
Upon completion, Nightfall generates a detailed report, highlighting security issues and sensitive data exposure. This enables organizations to take appropriate corrective actions.
A Nightfall audit is used to scan historic data for sensitive information.
A Nightfall policy is used to scan data (at rest or in transit) created, after the policy is live.
Audits scan data for a specific period (chosen by you) in the past.
Policies scan all your future data without any time period (as long as the policy exists).
Currently available for GitHub and Google Drive integrations.
Available for all the Nightfall integrations.
Admin notifications and end-user notifications cannot be sent in Nightfall audits.
You can configure Nightfall policies to send admin notifications and end-user notifications.
Creating a Nightfall Audit
The process of creating a Nightfall audit consists of five key stages:
Select Integration
Choose the Nightfall integration you want to audit:
Navigate to Discovery and Classification.
Click + New Audit in the top-right corner.
Select an integration (GitHub or Google Drive).
For Google Drive, specify whether you want to monitor Posture Settings only or both Posture Settings and Data Discovery.
Configure Scope
Define the audit’s scope by selecting:
The historic time period to scan.
Additional parameters that vary by integration:
GitHub: Choose the organization, repository, and branches.
Google Drive: Select the types of drives to monitor.
Apply filters to refine the audit further.
Define Detection Rules
Specify the detection rules Nightfall will use to scan your historic data. If any data violates the selected rules, it will be flagged as sensitive.
Set Up Automated Actions
Configure automated actions to be executed when Nightfall detects sensitive content. Note that automated actions are not available for all integrations.
Name and Review Audit
Assign a name to your audit.
Review your configurations and make any necessary modifications.
Finalize and create the audit.
Once an audit is created and completed, its configurations cannot be modified or re-run. To analyze a different dataset, you must create a new audit with the desired settings.
Last updated
Was this helpful?