Comment on page
Learn how to configure a detection policy for Nightfall for GitHub
DLP policies are a set of rules that include specific conditions, actions, and exceptions that monitor and filter data. DLP policies also enable you to remediate any leakage of sensitive information from within your organization.
- You can set up policies to scan data that is sent through some or all applications within your organization.
- You can configure policies and choose to not apply them all the time.
Before you define a policy or a set of policies, we recommend that you define the objectives of each policy, which can then be fulfilled when you configure the policy.
Here are a few important questions to ask before configuring your policies:
- What data do you plan to monitor?
- Where within the organization do you want to monitor?
- What should be the scope of each policy?
- What conditions must apply for the policy to match?
- What exceptions/exclusions can be allowed?
- What remediation actions should the policy take?
You can now configure policies on the GitHub integration to determine which repositories are monitored, and which ones are excluded from monitoring. You can also automate the remediation actions that you want Nightfall to perform on a policy violation.
The process of creating policies in Nightfall consists of six stages enlisted as follows.