Nightfall Documentation
  • Data Detection and Response
  • Posture Management
  • Data Exfiltration Prevention
  • Data Encryption
  • Developer APIs
  • Data Classification and Discovery
  • Nightfall Exfiltration
  • What is Data Exfiltration
  • Nightfall Detection Platform
    • Nightfall Detection Platform
  • Exfiltration Prevention for Google Drive
    • Installing Nightfall for Google Drive
    • Configuring Integration Alerts
    • Configuring Google Drive Policies
      • Google Drive App Selection
      • Scope
      • Trigger
      • Automated Actions
      • Creating Policy
    • Remediation for Google Drive Exfiltration
  • Exfiltration Prevention for Endpoint
    • Endpoint Exfiltration Prevention
    • Install Nightfall AI Agent for MAC OS
      • Manual Installation
      • Nightfall Agent Deployment with Kandji MDM
      • Nightfall Agent Deployment with Rippling MDM
      • Nightfall Agent Deployment with JAMF MDM
    • Install Nightfall AI Agent for Windows OS
      • Manual Installation
      • Nightfall Windows Agent Deployment: Rippling MDM
      • Nightfall Windows Agent Deployment: Generic MSI Deployment
    • Configuring Integration Alerts
    • Configuring Policies
      • MAC/Windows App Selection
      • Scope
      • Trigger
      • Advanced Settings
        • Admin Alerting
        • Automated Actions
        • End-User Notifications
      • Creating Policy
      • Remediation for MAC OS Policies
      • FAQs
      • Remediation for Windows OS Policies
  • Exfiltration Prevention for Salesforce
    • Nightfall Exfiltration for Salesforce
    • Installing Nightfall Exfiltration for Salesforce
    • Upgrading Nightfall DLP
    • Configuring Integration Alerts
    • Configuring Salesforce Exfiltration Policies
      • Salesforce App Selection
      • Scope
      • Trigger
      • Advanced Settings
      • Creating Policy
      • Remediation for Salesforce Exfiltration
Powered by GitBook
On this page
  • Stealth Mode Installation
  • Use cases
  • Stealth Mode Installation Process
  • Nightfall Agent Auto Update

Was this helpful?

Export as PDF
  1. Exfiltration Prevention for Endpoint

Install Nightfall AI Agent for MAC OS

Nightfall for macOS allows you to detect exfiltration events on your macOS devices. The Nightfall exfiltration feature can monitor any files being uploaded through supported cloud storage apps or browsers on macOS devices.

To use Nightfall for macOS, you must install the Nightfall AI agent. This agent monitors your macOS device continuously. You can install the agent either manually or through a mobile device management (MDM) tool. You can request the Nightfall deployment bundle, which contains the .pkg and other pre-installation scripts required for your MDM deployment.

  • Manual Installation

  • Installation using the Kandji MDM

  • Installation using the Rippling MDM

  • Installation using the JAMF MDM

Stealth Mode Installation

You can install the Nightfall AI macOS agent in stealth/hidden mode. Installing the agent in stealth mode allows you to hide visible UI elements once the Nightfall agent is installed. When you install the agent in silent mode, the Nightfall status bar icon. Additionally, the Nightfall application will not be visible in the Applications folder when viewed in Finder.

Use cases

  • Covert Monitoring: If an organization suspects an employee of exfiltrating sensitive data, they can install the agent in stealth mode to monitor the employee's asset without the employee's knowledge.

  • Ensuring Bias-Free Compliance: An organization wishes to confirm if their employees are adhering to HIPAA/PCI compliances; they can install the agent in stealth mode without giving any indication to their employees (which can prompt a change in their behavior).

  • Prevent User Distractions: Organizations that do not wish to distract their users about the agent presence and monitoring can depoy in stealth mode.

Stealth Mode Installation Process

  1. In the mdm_pre_installation_script.shfile, find the hide_status_iconflag.

  2. Set the flag to true. By default, the flag is set to false⁣.

Stealth mode installation hides the agent only from UI. Employees can find Nightfall if they navigate to the Application folder via Terminal.

Nightfall Agent Auto Update

Nightfall employs the automatic endpoint update functionality. With this feature, Nightfall can deliver the majority of endpoint agent bug fixes and feature updates directly to endpoints.

Features:

  • Stay Secure: Receive the latest security patches and updates promptly, reducing the risk of vulnerabilities being exploited.

  • Remain Compatible: Keep your deployment compatible with the latest operating system updates and other software changes.

  • Receive New Features: You get access to new features and improvements to exfiltration monitoring without manual intervention.

  • Minimize Administrative Overhead: IT administrators don't need to manually deploy updates to each endpoint, saving time and resources.

PreviousEndpoint Exfiltration PreventionNextManual Installation

Last updated 14 days ago

Was this helpful?