Remediation on Nightfall for Salesforce
You can manage violations on your data and the require remediation actions
Nightfall supports both manual and automated remediation on policy violations. However, you cannot view policy violations on the Nightfall dashboard or violations monitoring page.
The following table displays the remediation actions that are supported for Nightfall for Salesforce:
Object | Acknowledge | Redact | Delete |
|---|---|---|---|
Feed Comments (Chatter) | Supported across all objects, fields. | Supported | Supported |
Account | | | |
Case | | | |
Contacts | | | |
Contracts | | | |
Feed Item | | | |
Lead | | | |
Task | | | |
User | | | |
Email Messages | | Not Supported | Not supported |
Attachments (in account, case, task, chatter, email, message details | | Not Supported | Supported. Entire attachment is deleted. |
Legend:
Acknowledge | Acknowledge and ignore the violation since it is not high priority. Records in Salesforce remain unaffected. |
Redact | Sensitive token in the record is replaced with this message within Salesforce: “[This content was remediated as it contained potential sensitive information.]” |
Delete | If it an attachments, Nightfall deletes the entire file. In case of sensitive tokens within the text of a relevant field, the text is replaced with this message in Salesforce: “[This content was remediated as it contained potential sensitive information.]” |
NOTE: The Redact and delete action is not supported on "picklist" field types.
You can view policy violation alerts on the channel that you configured - Slack or Email. Within the channel, you can perform remediation action on the alert sent by Nightfall.
Nightfall Violation Alert
You can automate remediation actions from Nightfall console.
Under Automated Actions, check any or all of the options.
- Delete
- Redact
You are set up for Nightfall to work with your Salesforce instance.
You can configure the remediation notifications:
- Manual Remediate
- Automatic Remediation
The following payload is sent to the designated webhook when a manual remediation is performed for a violation, which indicates which fields have been modified on a given object.
{
"eventType": "remediation",
"message": "[email protected] deleted finding(s).",
"remediationMetadata": {
"ActionUser": "[email protected]",
"actionType": "delete",
"fields": "description",
"objectName": "Case",
"remediationType": "manual",
"success": true,
"unchangedFields": ""
},
"remediationTime": "22 Jun 2022 at 6:38AM UTC",
"service": "Salesforce",
"timestamp": "2022-06-22T06:38:07Z",
"violationID": "CRY7XI"
}
The following payload will be sent to the designated webhook when Nightfall automatically remediates a violation, which indicates which fields have been modified on a given object.
{
"eventType": "remediation",
"message": "Automatically remediated finding(s) via an automated action configured on your Nightfall dashboard.",
"remediationMetadata": {
"ActionUser": "",
"actionType": "",
"fields": "description",
"objectName": "Case",
"remediationType": "automated",
"success": true,
"unchangedFields": ""
},
"remediationTime": "22 Jun 2022 at 6:40AM UTC",
"service": "Salesforce",
"timestamp": "2022-06-22T06:40:04Z",
"violationID": "JVXIZS"
}
You should now be all set to start using the Salesforce integration, as well as to manage your alerts as they start to come in.
For any support questions, please feel free to continue to explore the Help Center, specifically the Salesforce FAQs section below, or to reach out to [email protected]:
Last modified 2mo ago