Remediation on Nightfall for Salesforce

You can manage violations on your data and the require remediation actions

Nightfall supports both manual and automated remediation on policy violations. However, you cannot view policy violations on the Nightfall dashboard or violations monitoring page.

The following table displays the remediation actions that are supported for Nightfall for Salesforce:

ObjectAcknowledgeRedactDelete

Feed Comments (Chatter)

Supported across all objects, fields.

Supported

Supported

Account

Case

Contacts

Contracts

Feed Item

Lead

Task

User

Email Messages

Not Supported

Not supported

Attachments (in account, case, task, chatter, email, message details

Not Supported

Supported. Entire attachment is deleted.

Legend:

Acknowledge

Acknowledge and ignore the violation since it is not high priority.

Records in Salesforce remain unaffected.

Redact

Sensitive token in the record is replaced with this message within Salesforce:

“[This content was remediated as it contained potential sensitive information.]”

Delete

If it an attachments, Nightfall deletes the entire file.

In case of sensitive tokens within the text of a relevant field, the text is replaced with this message in Salesforce:

“[This content was remediated as it contained potential sensitive information.]”

NOTE: The Redact and delete action is not supported on "picklist" field types.

Remediating Policy Violations

You can view policy violation alerts on the channel that you configured - Slack or Email. Within the channel, you can perform remediation action on the alert sent by Nightfall.

Automating Remediation

You can automate remediation actions from Nightfall console.

Under Automated Actions, check any or all of the options.

  • Delete

  • Redact

You are set up for Nightfall to work with your Salesforce instance.

Remediation Notifications

You can configure the remediation notifications:

  • Manual Remediate

  • Automatic Remediation

Manual Remediation

The following payload is sent to the designated webhook when a manual remediation is performed for a violation, which indicates which fields have been modified on a given object.

{
 "eventType": "remediation",
 "message": "mohit+prod@nightfall.ai deleted finding(s).",
 "remediationMetadata": {
   "ActionUser": "mohit+prod@nightfall.ai",
   "actionType": "delete",
   "fields": "description",
   "objectName": "Case",
   "remediationType": "manual",
   "success": true,
   "unchangedFields": ""
 },
 "remediationTime": "22 Jun 2022 at 6:38AM UTC",
 "service": "Salesforce",
 "timestamp": "2022-06-22T06:38:07Z",
 "violationID": "CRY7XI"
}

Automated Remediation

The following payload will be sent to the designated webhook when Nightfall automatically remediates a violation, which indicates which fields have been modified on a given object.

{
 "eventType": "remediation",
 "message": "Automatically remediated finding(s) via an automated action configured on your Nightfall dashboard.",
 "remediationMetadata": {
   "ActionUser": "",
   "actionType": "",
   "fields": "description",
   "objectName": "Case",
   "remediationType": "automated",
   "success": true,
   "unchangedFields": ""
 },
 "remediationTime": "22 Jun 2022 at 6:40AM UTC",
 "service": "Salesforce",
 "timestamp": "2022-06-22T06:40:04Z",
 "violationID": "JVXIZS"
}

You should now be all set to start using the Salesforce integration, as well as to manage your alerts as they start to come in.

For any support questions, please feel free to continue to explore the Help Center, specifically the Salesforce FAQs section below, or to reach out to support@nightfall.ai:

pageFAQs
PreviousJira TicketsNextRedact

Last updated