Introduction to Nightfall Audit
A Nightfall Audit enables you to assess your organization's security posture and safeguard sensitive data. By identifying and addressing security vulnerabilities, Nightfall audits help prevent data leaks and ensure compliance with standards such as HIPAA, PCI DSS, and more. They also allow for a thorough evaluation of security policies within your organization.
Unlike real-time scanning, Nightfall audits focus on historic data scans, allowing you to examine stored data across various cloud environments. You can define a historical date range and apply filters to customize the scope, ensuring precise and efficient data analysis.
Upon completion, Nightfall generates a detailed report, highlighting security issues and sensitive data exposure. This enables organizations to take appropriate corrective actions.
Creating a Nightfall Audit
The process of creating a Nightfall audit consists of five key stages:
Select Integration
Choose the Nightfall integration you want to audit:
Navigate to Discovery and Classification.
Click + New Audit in the top-right corner.
Select an integration (GitHub or Google Drive).
For Google Drive, specify whether you want to monitor Posture Settings only or both Posture Settings and Data Discovery.
Configure Scope
Define the audit’s scope by selecting:
The historic time period to scan.
Additional parameters that vary by integration:
GitHub: Choose the organization, repository, and branches.
Google Drive: Select the types of drives to monitor.
Apply filters to refine the audit further.
Define Detection Rules
Specify the detection rules Nightfall will use to scan your historic data. If any data violates the selected rules, it will be flagged as sensitive.
Set Up Automated Actions
Configure automated actions to be executed when Nightfall detects sensitive content. Note that automated actions are not available for all integrations.
Name and Review Audit
Assign a name to your audit.
Review your configurations and make any necessary modifications.
Finalize and create the audit.
Once an audit is created and completed, its configurations cannot be modified or re-run. To analyze a different dataset, you must create a new audit with the desired settings.
Last updated
Was this helpful?