Creating Policies

This document applies only to the Nightfall Developer APIs customers. If you are a Nightfall SaaS application customer, refer to this document.

Policies allow customers to create templates for their most common workflows by unifying a set of Detection Rules with the actions to be taken when those rules are triggered, including:

  • automated actions such as redaction of findings

  • alerting through webhooks

Once defined, a Policy may be used in requests to the Nightfall API, such as calls to scan file uploads, though automated redactions are not available for uploaded files at this time.

To create a policy:

  1. Log in to Nightfall.

  2. Click Policies under the Configuration section.

  3. Click + New Policy.

  4. Select Developer APIs.

  5. Select the Detection Rules to be included in the policy and click Next.

  6. Configure a notification channel. Click here to learn more about alert channel configuration. If you wish to setup a webhook alert channel, click here for details.

It is mandatory for you to configure at least one alert channel.

  1. Click Next.

  2. (Optional) Enable the Redact Message toggle switch. This is an automated action that is triggered when sensitive data is found. The action automatically redacts sensitive data.

  3. Click Next.

  4. Enter a name for the policy.

  5. (Optional) Enter a Description for the policy and click Next.

  6. Verify the configurations and click Submit.

Configuring Webhook Alerts

To configure Webhook as an alert channel:

  1. Enable the Webhook Alert notification channel.

  2. In the Configure Webhook URL field, enter the URL of the Webhook to which you wish to send notifications.

  3. (Optional) Click Add Headers to add header key value pairs.

  4. Click Validate.

  5. Once validated, you can click Next to proceed.

Similarly, you can also use HTTP alerts channel.

Last updated

Was this helpful?