Scope of the Policy
In many cases, you may not need all of your data, residing in the integration, to be scanned. You might only require a specific section of your data to be scanned which is highly prone to data leakage.
The Scope stage allows you to set boundaries for monitoring. All the integrations (except Notion) in Nightfall provide you the flexibility to pick and choose specific sections to include or exclude for monitoring. Nightfall scans only the data that matches the scope settings configured by you.
The Scope section has the following components.
Inclusion Rules
The Inclusion rules allow you to select sections of your integration that must be scanned by Nightfall. The options available in inclusion rules vary for each integration.
Exclusion Rules
The Exclusion rules allow you to select sections of your integration that must be excluded by Nightfall from scanning. The options available in exclusion rules vary for each integration.
For instance, consider the JIRA integration. For this integration, you must first select the JIRA instance that you wish to be scanned by Nightfall.
Once you select the JIRA instance, you must configure the inclusion and exclusion rules. In this case, the options available for inclusion and exclusion rules are projects (options vary if you select another integration). You must now select which projects you wish to scan. In some scenarios, you might have created a JIRA project just for testing some workflows. You can choose to exclude such projects and also other projects that you feel are least prone to data leak attacks.
You can choose your required projects in one of the following ways.
In the Include In Monitoring section (inclusion rules) select All Projects and then in the Exclude From Monitoring (exclusion rules) section select the projects to be excluded.
Select Choose Projects in the Include In Monitoring section (inclusion rules) and select the required projects.
In the following image, Demo service request is a test project and we wish to exclude it from monitoring. There are two ways to do it as shown below.
If you wish to scan all the projects of a JIRA instance, select All Projects in the Include In Monitoring (inclusion rules) section and do not select anything from the Exclude From Monitoring (exclusion rules) section. Alternatively, select Choose Projects in the Include In Monitoring (inclusion rules) section and select the required projects.
You can configure multiple instances of JIRA in a single policy. You must follow the same procedure and set the inclusion and exclusion rules for each instance. In the following image, you can see three instances of JIRA, each configured with different inclusion and exclusion rules.
Similarly, you can configure the inclusion and exclusion rules in other integrations as well. As stated above, the options vary for each integration.
Last updated
