Overview

Welcome to Nightfall's Firewall for AI Developers Scan and Workflow APIs documentation. This documentation helps developers leverage Nightfall AI's industry-leading detection engine to identify and protect sensitive customer and corporate data anywhere. It prevents unauthorized access and data breaches and allows you to focus on innovation.

Scan APIs

Scan prompts, text, documents, spreadsheets, logs, zips, JSON, images, etc., for PII, PHI, PCI, banking information, API keys, passwords, and network information with the highest accuracy and lightning-fast response times. Redact sensitive findings with customizable formatting.

Workflow APIs

Leverage the full potential of the Nightfall console application through our Workflow APIs. Customize your SIEM workflows and reporting, take actions, update support tickets, alert users, search violations, annotate findings, create reports, and more.

Key Features

  • AI-Powered Identification: Utilize advanced AI models to detect and prevent security threats in real-time.

  • Comprehensive Sensitive Data Detection: Identify PII, PHI, PCI, banking information, API keys, passwords, and network information across various formats including text, documents, spreadsheets, logs, zips, and images.

  • Customizable Redaction: Tailor data protection to your needs with fully customizable redaction for each sensitive entity type.

  • Flexible Detectors: Leverage Nightfall’s comprehensive list of machine learning-based detectors, customize them, or create your own with specialized logic.

  • High Accuracy and Performance: Achieve precision and recall rates of 95% or higher, handle over 1K requests per second, and experience latency of less than 100 ms.

  • Seamless Integration: Easily integrate with your existing AI development and data engineering tools for smooth and efficient operation.

Customizable and Built-in Machine Learning-based Detectors

You can leverage Nightfall’s machine learning-based detectors or create your own detectors with customized logic to scan third-party apps, internal services, and data silos to identify instances of potentially sensitive types of data such as:

  • Personally Identifiable Information (PII) including Social Security Numbers, passport numbers, email addresses, or date of birth

  • Protected Health Information (PHI) such as insurance claim numbers or ICD10 codes

  • Financial information like credit card numbers or bank routing numbers

  • Secrets such as API and cryptographic Keys, database connection strings, passwords, etc.

  • Network information such as IP Address or MAC Address

A Flexible Data Security Solution

Key features of Nightfall’s detection engine include:

  • Defining minimum confidence thresholds and minimum finding counts on detectors to reduce the chance of false positives.

  • Specifying context rules and exclusion rules on detectors to fine-tune their accuracy to better suit your use cases.

  • Choosing which detectors are triggered for each policy.

Using the API

The Nightfall API consumes arbitrary data as input either as strings or as files and allows you to use any combination of detectors to return a collection of “findings" objects.

The detectors may be defined in our web app and referenced in an API call or defined as part of the payload to an API call.

The findings display the relevant detector, the likelihood of a match, and the location within the given data where the matched token occurred (not only in terms bytes — there is support for tabular and JSON data as well).

You can take protective action on sensitive text by redacting, substituting, or encrypting it with the API. You may also set up webhooks to receive asynchronous notifications when findings are detected.

The Nightfall API is RESTful and uses JSON for its payloads. Our API is designed to have predictable, resource-oriented URLs for each endpoint and uses HTTP response codes to indicate any API errors.

You may test out the API through the interactive reference documentation.

Where to Go From Here

The following guide will walk you through getting started and describe the API functionality in more detail. If you want to execute an API call immediately, see our Quickstart guide to see how to obtain an API Key and make a simple scan request.

After that, you can learn about Nightfall with our Key Concepts section, which will also help you get set up with Nightfall.

If you’re looking for more ideas about best to leverage Nightfall’s functionality, see our Use Cases guide.

We have created numerous tutorials and example implementations that demonstrate how to implement DLP for a variety of platforms (including OpenAI, LangChang, Amazon, Datadog, and Elasticsearch) and handle various scenarios (such as detecting sensitive data in GenAI prompts or detecting PII on your machine in real-time).

We also have several language-specific SDKs to get you up and running in Java, Python, Go, Node.js, and Ruby.

You can also quickly test out Nightfall detectors or your custom Detection Rules in the Nightfall Playground. Please also consult our Detector Glossary to see the variety of built-in detectors that Nightfall offers.

The Firewall for AI Overview page allows you to create API keys and manage Detectors and Detection Rules through a straightforward user interface. Log in here to access the Dashboard, or sign up to create a free account.

For frequently asked questions, feedback, and other help, please contact Nightfall support at support@nightfall.ai. We also host Nightfall Developer Office Hours on Wednesdays at 12pm PT to help answer questions, talk through any ideas, and chat about data security. We would love to see you there!

Last updated