Links

Remediation on Nightfall for Salesforce

You can manage violations on your data and the require remediation actions
Nightfall supports both manual and automated remediation on policy violations. However, you cannot view policy violations on the Nightfall dashboard or violations monitoring page.
The following table displays the remediation actions that are supported for Nightfall for Salesforce:
Object
Acknowledge
Redact
Delete
Feed Comments (Chatter)
Supported across all objects, fields.
Supported
Supported
Account
Case
Contacts
Contracts
Feed Item
Lead
Task
User
Email Messages
Not Supported
Not supported
Attachments (in account, case, task, chatter, email, message details
Not Supported
Supported. Entire attachment is deleted.
Legend:
Acknowledge
Acknowledge and ignore the violation since it is not high priority.
Records in Salesforce remain unaffected.
Redact
Sensitive token in the record is replaced with this message within Salesforce:
“[This content was remediated as it contained potential sensitive information.]”
Delete
If it an attachments, Nightfall deletes the entire file.
In case of sensitive tokens within the text of a relevant field, the text is replaced with this message in Salesforce:
“[This content was remediated as it contained potential sensitive information.]”
NOTE: The Redact and delete action is not supported on "picklist" field types.

Remediating Policy Violations

You can view policy violation alerts on the channel that you configured - Slack or Email. Within the channel, you can perform remediation action on the alert sent by Nightfall.
Nightfall Violation Alert

Automating Remediation

You can automate remediation actions from Nightfall console.
Under Automated Actions, check any or all of the options.
  • Delete
  • Redact
You are set up for Nightfall to work with your Salesforce instance.

Remediation Notifications

You can configure the remediation notifications:
  • Manual Remediate
  • Automatic Remediation

Manual Remediation

The following payload is sent to the designated webhook when a manual remediation is performed for a violation, which indicates which fields have been modified on a given object.
{
"eventType": "remediation",
"message": "[email protected] deleted finding(s).",
"remediationMetadata": {
"ActionUser": "[email protected]",
"actionType": "delete",
"fields": "description",
"objectName": "Case",
"remediationType": "manual",
"success": true,
"unchangedFields": ""
},
"remediationTime": "22 Jun 2022 at 6:38AM UTC",
"service": "Salesforce",
"timestamp": "2022-06-22T06:38:07Z",
"violationID": "CRY7XI"
}

Automated Remediation

The following payload will be sent to the designated webhook when Nightfall automatically remediates a violation, which indicates which fields have been modified on a given object.
{
"eventType": "remediation",
"message": "Automatically remediated finding(s) via an automated action configured on your Nightfall dashboard.",
"remediationMetadata": {
"ActionUser": "",
"actionType": "",
"fields": "description",
"objectName": "Case",
"remediationType": "automated",
"success": true,
"unchangedFields": ""
},
"remediationTime": "22 Jun 2022 at 6:40AM UTC",
"service": "Salesforce",
"timestamp": "2022-06-22T06:40:04Z",
"violationID": "JVXIZS"
}
You should now be all set to start using the Salesforce integration, as well as to manage your alerts as they start to come in.
For any support questions, please feel free to continue to explore the Help Center, specifically the Salesforce FAQs section below, or to reach out to [email protected]:
Last modified 2mo ago