Configuring Salesforce Exfiltration Policies
Exfiltration policies allow you to monitor download events across your Salesforce environment. Through real-time download monitoring, you can identify insider risk and anomalous behaviour before it escalates to large scale security incidents. The following are supported and monitored by Nightfall for exfiltration activities,
Attachments & Files
Reports
Records & Objects
Download of any of the above information containers is an exfiltration activity for Nightfall, and if such activities breach a threshold set in one of the exfiltration policies in Nightfall, then Nightfall will flag it an exfiltration event. You can configure which users should receive notifications and what automatic actions must be taken when an exfiltration event is detected.
The detailed steps to configure the Salesforce Exfiltration policy is explained in the following documents.
Last updated