Nightfall Documentation
  • Data Detection and Response
  • Posture Management
  • Data Exfiltration Prevention
  • Data Encryption
  • Firewall for AI
  • Data Classification and Discovery
  • Data Classification and Discovery
  • Nightfall Audits
    • Introduction to Nightfall Audit
  • Google Drive Audit
    • Overview
    • Select Integration
    • Select Scope
    • Detection Rules
    • Automated Actions
    • Review Configurations
  • Analyzing Google Drive Audit Results
  • GitHub Audit
    • Overview
  • Select Integration
  • Configure Scope
  • Select Detection Rules
  • Review Configurations
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. Nightfall Audits

Introduction to Nightfall Audit

A Nightfall Audit enables you to assess your organization's security posture and safeguard sensitive data. By identifying and addressing security vulnerabilities, Nightfall audits help prevent data leaks and ensure compliance with standards such as HIPAA, PCI DSS, and more. They also allow for a thorough evaluation of security policies within your organization.

Unlike real-time scanning, Nightfall audits focus on historic data scans, allowing you to examine stored data across various cloud environments. You can define a historical date range and apply filters to customize the scope, ensuring precise and efficient data analysis.

Upon completion, Nightfall generates a detailed report, highlighting security issues and sensitive data exposure. This enables organizations to take appropriate corrective actions.

Nightfall Audit
Nightfall Policy

A Nightfall audit is used to scan historic data for sensitive information.

A Nightfall policy is used to scan data (at rest or in transit) created, after the policy is live.

Audits scan data for a specific period (chosen by you) in the past.

Policies scan all your future data without any time period (as long as the policy exists).

Currently available for GitHub and Google Drive integrations.

Available for all the Nightfall integrations.

Admin notifications and end-user notifications cannot be sent in Nightfall audits.

You can configure Nightfall policies to send admin notifications and end-user notifications.

Creating a Nightfall Audit

The process of creating a Nightfall audit consists of five key stages:

1

Select Integration

Choose the Nightfall integration you want to audit:

  1. Navigate to Discovery and Classification.

  2. Click + New Audit in the top-right corner.

  3. Select an integration (GitHub or Google Drive).

  4. For Google Drive, specify whether you want to monitor Posture Settings only or both Posture Settings and Data Discovery.

2

Configure Scope

Define the audit’s scope by selecting:

  1. The historic time period to scan.

  2. Additional parameters that vary by integration:

    • GitHub: Choose the organization, repository, and branches.

    • Google Drive: Select the types of drives to monitor.

  3. Apply filters to refine the audit further.

3

Define Detection Rules

Specify the detection rules Nightfall will use to scan your historic data. If any data violates the selected rules, it will be flagged as sensitive.

4

Set Up Automated Actions

Configure automated actions to be executed when Nightfall detects sensitive content. Note that automated actions are not available for all integrations.

5

Name and Review Audit

  1. Assign a name to your audit.

  2. Review your configurations and make any necessary modifications.

  3. Finalize and create the audit.

Once an audit is created and completed, its configurations cannot be modified or re-run. To analyze a different dataset, you must create a new audit with the desired settings.

PreviousData Classification and DiscoveryNextOverview

Last updated 14 hours ago

Was this helpful?