Detectors

A Detector is a tool that scans any online entity to detect if any sensitive data is present in the entity. An "entity" can refer to any resource on the Internet like a file in Google Drive, ticket data in JIRA, code snippets in GitHub, customer data in Salesforce, and so on.

There are two types of detectors; Nightfall Detectors and Custom Detectors.

Nightfall Detectors

Nightfall provides a comprehensive library of machine learning–powered detectors that identify sensitive data across text, images, files, and source code with 90%-95% precision out of the box. All detectors are available immediately in your workspace under Detection → Detectors

Detectors power the core of Nightfall’s data protection capabilities. They allow you to quickly scan and classify content for risks such as PII, PHI, financial data, credentials, intellectual property (IP), confidential corporate documents, and more.

Nightfall offers two primary types of detectors:

1. Entity Detectors

Entity Detectors identify specific pieces of sensitive information—such as an SSN, a driver’s license number, credit card number, password, or an api key —where the format is known and can be validated.

Entity Detectors use:

• Pattern recognition

• Natural-language context

• Validation logic

• ML-based disambiguation

These detectors are ideal when you need precise identification of well-defined data types (e.g., U.S. Social Security Numbers, credit card numbers, or country-specific passport IDs).

Examples of When Entity Detectors Are Useful

• Detecting employees’ personal data in outbound messages

• Preventing customer PII leaks (e.g., driver's license numbers)

• Flagging financial identifiers in logs or repositories

• Monitoring exposed secrets or API keys

Entity Detectors answer the question: “Does this content contain PII, PCI, PHI, or credentials?”

2. File Classifiers

File Classifiers identify entire documents based on their content, structure, and semantic meaning—not just on whether the file contains PII or other entity types.

File Classifiers allow Nightfall to understand: “What type of document is this, and how sensitive is it?”

These classifiers detect:

• Proprietary source code and engineering assets

• Internal or confidential business documents

• Unreleased product materials and R&D

• Financial statements, tax files, regulatory drafts

• Legal agreements and contracts

• Patient or medical information

• Customer or employee data files

• Images of physical documents (passports, IDs, credit cards, etc.)

Nightfall analyzes:

• Writing style and technical terminology

• Domain-specific language (legal, engineering, HR, finance, healthcare)

• File structure (tables, headings, templates)

• Semantic meaning at the paragraph or document level

• Visual elements in images

This is critical for detecting IP leakage, stolen code, or unauthorized sharing.

Example: Detecting Confidential Documents Without Labels

A file does not need to say “confidential” for Nightfall to classify it as such. A strategy deck, pricing sheet, roadmap, or acquisition summary will still be detected based on its semantic meaning, even when unlabeled.

For the complete list of all the detectors present in all the categories, you can view the Nightfall Detector Glossary document.

Now that you are aware of all the available detectors, you can choose to use any of the existing Nightfall detectors or create your detector specific to your organization's requirements. If you are not sure of which Nightfall detector to use, view the Choosing a Nightfall Detector document.

If Nightfal detectors can address your organization's requirements and you do not wish to create any custom detectors, you can refer to the Create Detection Rules document, to learn about how to add detectors to a detection rule.

If Nightfall detectors cannot address your organization's requirements, you can create your own detector(s) or customize a Nightfall detector. You can refer to the Creating Custom Detectors document to learn about custom detectors.