Nightfall Documentation
  • Sensitive Data Protection
  • Data Security Posture Management
  • Data Exfiltration Prevention
  • Data Encryption
  • Firewall for AI
  • Nightfall Exfiltration
  • What is Data Exfiltration
  • Nightfall Detection Platform
    • Nightfall Detection Platform
  • Exfiltration Prevention for Google Drive
    • Installing Nightfall for Google Drive
    • Configuring Integration Alerts
    • Configuring Google Drive Policies
      • Google Drive App Selection
      • Scope
      • Trigger
      • Automated Actions
      • Creating Policy
    • Remediation for Google Drive Exfiltration
  • Exfiltration Prevention for Endpoint
    • Endpoint Exfiltration Prevention
    • Install Nightfall AI Agent for MAC OS
      • Manual Installation
      • Nightfall Agent Deployment with Kandji MDM
      • Nightfall Agent Deployment with Rippling MDM
      • Nightfall Agent Deployment with JAMF MDM
    • Install Nightfall AI Agent for Windows OS
      • Manual Installation
      • Nightfall Windows Agent Deployment: Rippling MDM
      • Nightfall Windows Agent Deployment: Generic MSI Deployment
    • Configuring Integration Alerts
    • Configuring Policies
      • MAC/Windows App Selection
      • Scope
      • Trigger
      • Advanced Settings
        • Admin Alerting
        • Automated Actions
        • End-User Notifications
      • Creating Policy
      • Remediation for MAC OS Policies
      • FAQs
      • Remediation for Windows OS Policies
  • Exfiltration Prevention for Salesforce
    • Nightfall Exfiltration for Salesforce
    • Installing Nightfall Exfiltration for Salesforce
    • Upgrading Nightfall DLP
    • Configuring Integration Alerts
    • Configuring Salesforce Exfiltration Policies
      • Salesforce App Selection
      • Scope
      • Trigger
      • Advanced Settings
      • Creating Policy
      • Remediation for Salesforce Exfiltration
Powered by GitBook
On this page
  • Custom Message
  • Automation
  • End-User Remediation

Was this helpful?

Export as PDF
  1. Exfiltration Prevention for Endpoint
  2. Configuring Policies
  3. Advanced Settings

End-User Notifications

Learn how to configure end user notifications in Nightfall exfiltration policies.

PreviousAutomated ActionsNextCreating Policy

Last updated 15 days ago

Was this helpful?

This section allows you to configure notifications to be sent to the end user whose actions triggered the violation.

Custom Message

Enter a custom message to be sent to the end user. This message is sent in an Email or a Slack message. You can modify the default message provided by Nightfall and draft your own. The total character length allowed is 1000 characters. You can also add hyperlinks in the custom message. The syntax is <link | text >. For example, to hyperlink https://www.nightfall.ai with the text Nightfall website, you must write <https://www.nightfall.ai | Nightfall website>.

Automation

You can either select Email, Slack, or both as an automated notification method. You must turn the toggle switch to use this option. Based on the options selected, end-users receive notifications to their email or Slack if the latter is configured as an alert platform.

End-User Remediation

End-User Remediation (also known as Human Firewall) allows you to configure remediation measures that end-users can take when an exfiltration event is triggered due to their actions. You must turn on the toggle switch to use this option. When you configure end-user remediation, the user whose actions triggered the exfiltration event receivesa notification from Nightfall. This notification provides details of the user's actions that caused the exfiltration along with your custom message. End-users can take appropriate actions.

Nightfall supports the following remediation actions end-users.

  • Provide Business Justification: This option allows end-users to add a descriptive note on the file transfer or exfiltration event. Basically, users can provide a business justification giving you more context into the file transfer or a business justification. The user input is delivered directly to the console for review, saving you time and helping you assess the risk of the data transfer based on the additional user input.

The other options available to be configured in this section are:

  • When a Violation is Reported as False Positive (justified): You can use this option to set actions to be taken when input has been provided by the end-user. You can automatically ignore violations for which the user has provided input.

  • Remind Every (until Violation expires): You can use this option to adjust the frequency at which Nightfall should remind the user to provide context into their data transfer. You can choose to remind the end user every 24, 48, or 72 hours.