# Introduction to Nightfall Audit A Nightfall Audit enables you to assess your organization's security posture and safeguard sensitive data. By identifying and addressing security vulnerabilities, Nightfall audits help prevent data leaks and ensure compliance with standards such as HIPAA, PCI DSS, and more. They also allow for a thorough evaluation of security policies within your organization. Unlike real-time scanning, Nightfall audits focus on historic data scans, allowing you to examine stored data across various cloud environments. You can define a historical date range and apply filters to customize the scope, ensuring precise and efficient data analysis. Upon completion, Nightfall generates a detailed report, highlighting security issues and sensitive data exposure. This enables organizations to take appropriate corrective actions. ## Creating a Nightfall Audit The process of creating a Nightfall audit consists of five key stages: {% stepper %} {% step %} **Select Integration** Choose the Nightfall integration you want to audit: 1. Navigate to **Discovery and Classification**. 2. Click **+ New Audit** in the top-right corner. 3. Select an integration (**GitHub** or **Google Drive**). 4. For **Google Drive**, specify whether you want to monitor **Posture Settings** only or both **Posture Settings and Data Discovery**. {% endstep %} {% step %} **Configure Scope** Define the audit’s scope by selecting: 1. The historic time period to scan. 2. Additional parameters that vary by integration: * **GitHub**: Choose the organization, repository, and branches. * **Google Drive**: Select the types of drives to monitor. 3. Apply filters to refine the audit further. {% endstep %} {% step %} **Define Detection Rules** Specify the detection rules Nightfall will use to scan your historic data. If any data violates the selected rules, it will be flagged as sensitive. {% endstep %} {% step %} **Set Up Automated Actions** Configure automated actions to be executed when Nightfall detects sensitive content. Note that automated actions are not available for all integrations. {% endstep %} {% step %} **Name and Review Audit** 1. Assign a name to your audit. 2. Review your configurations and make any necessary modifications. 3. Finalize and create the audit. Once an audit is created and completed, its configurations cannot be modified or re-run. To analyze a different dataset, you must create a new audit with the desired settings. {% endstep %} {% endstepper %}