Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Nightfall integrates with a variety of cloud services. Because Nightfall is the industry’s first cloud-native DLP solution, it’s simple and seamless to deploy, with no agent installation required or any endpoint/network changes.
Nightfall typically integrates as a third-party app into SaaS applications like Slack via OAuth 2.0. For example, imagine you were logging into Spotify or OpenTable via your Facebook account. This same authentication protocol is what Nightfall uses to integrate into apps like Slack or GitHub. This means that integrating a service like Slack with Nightfall takes just a few clicks by an administrator.
Nightfall is an approved app in SaaS vendors’ “marketplace” ecosystems, for example the Slack Marketplace and GitHub Marketplace. Get up and running quickly with our easy to navigate dashboards and comprehensive documentation.
For more information on how to get started with Nightfall, please email sales@nightfall.ai.
Nightfall saves time by automating data detection, classification, and remediation. First, Nightfall installs in minutes, so you won’t need IT resources or time spent worrying about agents or software to install, patch, manage, and update. Second, classification is automatic and highly accurate, so you’ll eliminate time spent tagging data manually, and reduce time spent reviewing false positives and grappling with alert fatigue. Third, with Nightfall you can set up automatic workflows to take action on sensitive data proactively, which means you’ll reduce time spent manually responding to alerts and reduce mean time to resolution.
In the case of our Slack product, the Nightfall bot lives directly in the Slack workspace, which means administrators don’t have to context-switch between apps, and employees can receive descriptive notifications directly in Slack in real-time, rather than via email, meaning less time finding workarounds.
As a result, you’ll see measurable time savings and productivity improvements that give your team the leverage to focus on other security & compliance challenges.
Traditional data loss prevention (DLP) platforms focus primarily on securing data on endpoints (devices like laptops, phones, servers) or networks. As such, they don’t provide visibility into cloud applications and cloud data infrastructure that enterprises are rapidly moving towards. Nightfall is the industry’s first cloud-native DLP platform focused on detecting & protecting data in the cloud by integrating directly with these services via their APIs.
Legacy DLP solutions are also limited in what they can recognize because they rely on traditional detection methods, such as regex rules and digital signatures/fingerprints. These have severe limitations in accuracy, usually resulting in a high volume of false positives, and significant alert fatigue for end-users. This means negative ROI and limited value.
In contrast, Nightfall leverages machine learning to scan data and its surrounding context, meaning Nightfall can scan both structured & unstructured data with high accuracy. Because of this higher accuracy, customers often have Nightfall automate the response to data leakage events, yielding measurable time savings. Security, compliance, and engineering teams can focus on other problems, versus triaging alerts, getting hours back in their day. What was once negative ROI with traditional DLP is now positive ROI with Nightfall.
Nightfall is the only cloud DLP solution that:
Automatically scans 150+ types of PII, PHI, PCI, credentials, secrets, and more with machine-learning trained detectors.
Offers customizable and configurable detection in our easy-to-use interface.
Integrates in minutes.
Has significant funding, operating history, and backing by leadership from Atlassian, Okta, and more; and executive leadership from Uber, Salesforce, Carta, Microsoft, Box, Slack.
Supports major enterprise customers processing high volumes of data at scale.
Is supported fully in-house, so data is not processed or inspected by a third-party service.
Complies with regimes like HIPAA and CCPA and requisite policies/controls.
Integrates deeply with cloud applications including Confluence, Jira, Slack, GitHub, Google Drive, and more.
Offers a robust API for content inspection in any data silo.
Provides a dedicated customer success manager, solutions architect, help center, and support.
Nightfall is the industry’s first cloud-native data loss prevention platform that discovers, classifies, and protects data via machine learning. In contrast, a CASB (cloud access security broker) is typically a network-based solution that sits between cloud service users and cloud applications to monitor activity and enforce security policies. Data loss prevention identifies and protects sensitive content from loss, such as inappropriate use, sharing, exfiltration, or misuse.
CASBs may have limited data classification and protection capabilities via API, although they aren’t designed for this purpose. As with any monolithic vendor that tackles a wide breadth of problems, a CASB doesn’t achieve the same level of depth in functionality, accuracy in detection, or granularity in remediation as a best-of-breed DLP solution.
Nightfall is designed to inspect content, so we cover a much broader set of (over 100+) file types, including unstructured data, and detect a broader set of (over 100+) detectors. Likewise, accuracy is substantially improved via machine learning. In summary, Nightfall may work well with a CASB if you already have one, or as a replacement for companies focused on high-fidelity data protection in the cloud.
With the proliferation of cloud SaaS and data infrastructure, sensitive data sprays across more and more third-party services like Slack, GitHub, and AWS at an alarming rate. It’s a major challenge to see what data is in these silos and is being transmitted across them in real-time. Moreover, data is increasingly complex & unstructured and is created at an unprecedented rate, making it impossible to consistently tag and keep track of. All of this data can be subject to security risks, in the form of data filtration or leakage outside your organization, resulting in a breach. Likewise, you may be subject to compliance regimes that dictate your use & protection of customer data, such as HIPAA, GDPR, CCPA, and PCI-DSS.
Nightfall is a data loss prevention platform that alleviates these burdens by automatically discovering & classifying sensitive data, giving you visibility into your cloud apps, and giving you the ability to respond & remediate instances of data sharing or data loss that represent security or compliance risks to your business. With these controls in place, you’ll have greater visibility into how sensitive data is stored, managed, shared, processed, and protected within your organization, and reduce the likelihood that this data is compromised by malicious or inadvertent activity.
No, Nightfall doesn’t require data to be pre-tagged. Nightfall uses machine learning to detect 100+ types of sensitive data out of the box, without prior tuning or tagging required. This includes forms of PII, PHI, PCI, and other sensitive content – for example, emails, social security numbers, etc. Our detectors leverage context surrounding a specific token to properly identify and classify it, which dramatically improves accuracy over traditional rules-based approaches to DLP.
Nightfall uses machine learning to classify data. Our deep learning-based classifiers are trained on massive volumes of data to yield high accuracy. Unlike traditional methods, Nightfall considers the context surrounding a given token in order to accurately classify it. This means Nightfall performs well on unstructured and ambiguous data, which is increasingly common in enterprises today. Nightfall parses and scans 100+ file types, including images, screenshots, compressed folders, PDFs, etc. Our classifications are fed into the Nightfall platform so you can review & remediate the findings, or leverage them in your own way via our Firewall for AI.
Use this to understand the language nuances when using Nightfall for text recognition and classification.
For pre-built Nightfall Detectors, Nightfall supports different languages for certain detection algorithms. For sensitive data types that are numeric/alphanumeric - such as card numbers, passport numbers, drivers licenses, etc. - Nightfall trains these detectors with context that corresponds to the language in that geographical area. For example, for our pre-built Brazilian CPF detector (a National Brazilian Tax Number) our detector is trained on context in English and in Portuguese (examples include phrases like “pessoas singulares registro número”).
For custom detectors (such as regular expressions), Nightfall supports any characters in the UTF-8 character set. For all intents and purposes this should support characters in most languages. The full list is available here
For example, let's take the following Hindi text: मेरा नाम पैट्रिक है।
This translates in English to: "My name is Patrick."
If we build a custom detector as a regular expression such as: "पैट्रिक" (which says match on the name “Patrick”), we will be able to detect this in Hindi text.
However, Nightfall has not yet built detection algorithms that attempt to understand this text (beyond what’s stated above), meaning it cannot match through any lexical context or interpretation of the text. In other words, Nightfall has no semantic or lexical understanding on what the underlying characters actually mean unless they are in English or trained per the above.
Because Nightfall has no interpretation of these Hindi characters, the pre-built Person Name detector will not flag on "पैट्रिक" (Patrick).
Integrate with your cloud services in minutes to begin using Nightfall’s machine learning and AI-based detectors to monitor PII and sensitive data immediately. Nightfall’s user-friendly dashboard and comprehensive documentation make it easy to deploy quickly. You can typically integrate Nightfall in a few clicks depending on the service.
Read more about how other companies have used Nightfall to secure their infrastructure .
Nightfall classifies over 100+ types of sensitive data, including forms of personally identifiable data (PII), protected health information (PHI), payment card information (PCI), credentials & secrets, and more. For example, email addresses, credit card numbers, social security numbers, API keys, passwords, and many more. These data types support compliance regimes like HIPAA, GDPR, HIPAA, PCI-DSS. Likewise, Nightfall’s detectors apply to a broad variety of industries and geographies (countries in US, EMEA, APAC, etc.).
Nightfall also supports custom detectors, as well as features such as context rules & exclusion rules that enable you to further tune detectors to your specific business needs and increase accuracy. Contact us at to determine if Nightfall supports detectors that meet your needs.
Yes, Nightfall scans unstructured data and parses text from 100+ file types. For example, this could be data like customer chat logs, JSON objects, application logs, spreadsheets, PDFs, images, screenshots, etc. Read more about the risks imposed by unstructured data on our blog .
Nightfall’s apps are not part of the Cloud Fortified Apps Program with the main reason being support for the bug bounty program. However, we are in compliance with Atlassian security requirements and apps are regularly updated to any recommendations from Atlassian. To learn more about Atlassian security requirements, refer to this document.
The best way to evaluate Nightfall is via a free trial. Contact us at sales@nightfall.ai to get started.
Estimating the amount of data that Nightfall will scan in your organization is an essential step in planning for the usage of historical scans.
The data requirements vary based on the integration. Refer to the respective integration below to understand the potential data volume required to scan via historical scans:
Integration | Reference |
---|---|
Slack
The total amount of data usage is not readily available in the Slack console. Nightfall recommends you export your Slack workspace data for historical scans on Slack. The exported archive file contains messages and links to files shared in Slack. Hence, the size of the exported archive file will likely be very small compared to the total amount of data to be scanned via Nightfall.
Nightfall recommends you export workspace data for up to the last three months, as an example, and request the Nightfall team to run a historical scan on this exported data. Once the historical scan is complete, Nightfall can help you identify the total data scanned (GB) for the respective time period. You can use this information to understand the average monthly data volume in your Slack environment to extrapolate the total data volume required to scan data over a larger time period.
For a basic understanding on usage limits in Slack, refer https://slack.com/intl/en-in/help/articles/115002422943-Usage-limits-for-free-workspaces
Google Drive
Google workspace administration console provides visibility of the storage usage on Google drive. You can use this information to estimate the total data volume required for historical scans on Google drive.
Refer to the Google workspace documentation for details on where to find the storage usage on Google drive https://support.google.com/a/answer/12002268?hl=en&ref_topic=13135206&sjid=7783233059016813973-AP
Salesforce
Salesforce console provides visibility of the storage usage that can be used to estimate the total data volume required for historical scans on Salesforce.
Refer to the Salesforce documentation for details on where to find the storage consumption in Salesforce:
https://help.salesforce.com/s/articleView?id=sf.admin_monitorresources.htm&type=5
Jira/ Confluence
Atlassian admin console may not provide clear visibility of the storage consumption on Jira and Confluence. Hence, Nightfall recommends a sample historical scan for a limited time period, last three months as an example, to be executed to estimate the total data volume required for historical scans on Jira and Confluence.
Refer to the Jira and Confluence documentation for a basic overview on where to find the storage consumption: https://support.atlassian.com/security-and-access-policies/docs/track-storage-and-move-data-across-products/
GitHub
You can get visibility of the total storage consumption in GitHub to understand the total data volume required for historical scans on GitHub.
Refer to the GitHub documentation for details on where to find the storage usage: https://docs.github.com/en/repositories/working-with-files/managing-large-files/about-storage-and-bandwidth-usage
Zendesk
Refer to Zendesk documentation for details on where to find storage usage: https://support.zendesk.com/hc/en-us/articles/4408823446938-Managing-your-account
Can we use Service Accounts for authentication in the Nightfall integrations?
As a best practice, service accounts are recommended for authentication because they will not be tied to any specific user, and will persist regardless of which users may leave/join your organization.
Also, as a security measure, it may be beneficial to provide the access privileges required to a service account, rather than having to manage permissions given to specific users. That being said, the requirements for service accounts differ by integration, as outlined below.
For any other questions/comments regarding service accounts, please contact us at .
Integrations | Service Account Required? | What will happen if the installing user leaves the company? |
Slack | Recommended, but not required | If the person who authenticates leaves the company, you will be prompted to re-authenticate the next time you log in to the dashboard. |
Google Drive | Recommended, but not required | If the person who authenticates leaves the company, you will be prompted to re-authenticate the next time you log in to the dashboard. |
Github | No need for a service account | If the person who installed the app on a given organization leaves, the app will continue to work without interruption. |
Atlassian (Jira/Confluence) | Recommended, but not required | If the person who authenticates leaves the company, you will be prompted to re-authenticate the next time you log in to the dashboard. |
E-discovery and data loss prevention (DLP) are different, albeit conceptually similar. Nightfall is a cloud-native DLP platform.
E-discovery typically pulls messages and files from a platform to store the information in third-party data warehouses, where messages and files can be searched, archived, or retrieved. This serves legal and compliance use cases should the data need to be retrieved or searched for a legal hold.
DLP ensures sensitive data, such as personally identifiable information (PII), isn’t shared inappropriately by scanning for content within messages and files that break selected policies. This serves security and compliance use cases around discovering, classifying, and protecting sensitive data.
Look for active user count for each SaaS application protected by Nightfall.
Integration | User Count |
---|---|
Gmail
You can view the list of users using the Gmail integration by navigating to the Reporting > User Reports > Apps usage
page from the Google Workspace admin console. You can refer this Google documentation for more help.
Zendesk
You can view the list of users using the Zendesk integration by navigating to the Admin Center > People > Team > Team members
page. You can refer this Zendesk Documentation for more help.
Microsoft 365
For Microsoft 365 applications, you can view the number of users from within the Nightfall application. You can navigate to the Settings > Directory Sync
page. This page also displays the total number of guest users (if any) invited to your Azure ID active directory (AD). So the total Active user count is the sum of total licensed Azure Entra ID Active Directory users and guest users invited to your Entra ID AD.
Notion
You can view the list of users using the Notion integration by navigating to the Settings & members > Analytics > Members tab
. You can refer this Notion Documentation for more help.
Slack
You can view the total active user count in Slack from the dashboard. For more information, see the instructions in Slack documentation at https://slack.com/intl/en-in/help/articles/360057638533-Understand-the-data-in-your-Slack-analytics-dashboard
Google Drive
Go to the Google workspace console to find the total number of active users in Google drive. For more information, see instructions at https://support.google.com/a/answer/11479894?hl=en&sjid=13943315555498192084-AP#
Active users excludes suspended, archived, and group users. That removes users who are no longer able to use Google Workspace and any group aliases (e.g. if you have a Sales team alias under sales@companydomain.com, it is not included in the Active user count).
Salesforce
Salesforce offers various user licenses but Nightfall only relies on the count of standard user licenses, if and when applicable. For more information, see the instructions in Salesforce documentation on where to find the count of user licenses https://help.salesforce.com/s/articleView?id=sf.users_understanding_license_types.htm&type=5
Jira/ Confluence
See the instructions in Atlassian documentation for user count information. Please verify the Atlassian edition you are on to identify the active user counts for Jira and Confluence. https://support.atlassian.com/organization-administration/docs/monitor-your-enterprise-user-counts/
GitHub
You can use the below API endpoint to get the list of active users in GitHub https://docs.github.com/en/rest/orgs?apiVersion=2022-11-28#list-organization-members In the response from the API, you can get:
Active users: if the suspended_at field/value is missing or the value is empty, they are considered “active.”
Inactive users: if the suspended_at field/value is set then users are considered inactive.
Please find the permissions required for each integration, in the table below: Native Integrations:
Integrations | Permissions Required | Roles Required for install |
---|---|---|
Alert Platforms:
Alert Platform | Permissions Required for Install |
---|---|
For more information on which integrations/platforms would require/recommend a service account, please refer the page below:
Slack
You can create private channels in Channel Management Permissions.
To create, Select the default option - Everyone, plus multi-channel guests.
Nightfall Enterprise DLP for Slack uses three user token scopes:
discovery:read
discovery:write
groups:write
Nightfall Enterprise DLP for Slack has 13 Bot Token Scopes:
Channels:join
Channels:read
Chat:write
Commands
Files:read
Files:write
Groups:read
Groups:write
Im:read
Im:write
Mpim:read
Users:read
Users:read.email
Nightfall Pro DLP for Slack has 26 Bot Token Scopes:
Channels:history
Channels:join
Channels:manage
Channels:read
Chat:write
Chat:write.public
Commands
Conversations.connect:read
Files:read
Files:write
Groups:history
Groups:read
Groups:write
Im:history
Im:read
Im:write
Mpim:history
Mpim:read
Mpim:write
Reminders:read
Reminders:write
Team:read
Usergroups:read
Usergroups:write
Users:read
Users:read.email
Nightfall Pro DLP for Slack has nine User Token Scopes:
Admin.conversations:read
Admin.conversations:write
Channels:read
Channels:write
Chat:write
Files:write
Groups:read
Mpim:write
Users:read
Slack Workspace Owner - Pro
Slack Org Owner - Enterprise
Google Drive
The following access permissions are required:
https://www.googleapis.com/auth/admin.directory.user.readonly,
https://www.googleapis.com/auth/admin.directory.group.readonly, https://www.googleapis.com/auth/admin.directory.group.member.readonly, https://www.googleapis.com/auth/admin.directory.domain.readonly, https://www.googleapis.com/auth/drive
Google Super Admin
Access to the following is required:
User Read
Group Read
Billing Read
Domain Management
Domain Settings
Services > Drive and Docs > Settings: List Companies Shared Drives
Google Service Account
Confluence
Space Permissions:
All - View
Pages - Add
Delete Blog - Add
Delete Comments - Add
Delete Attachments - Add
Delete Space - Admin
Confluence Admin
Jira
Nightfall for Jira can perform the following actions on your behalf:
Create and manage issues: Create and edit issues in Jira, post comments as the user, create worklogs, and delete issues.
View Jira issue data: Read Jira project and issue data, search for issues, and objects associated with issues like attachments and worklogs.
View user profiles: View user information in Jira that the user has access to, including usernames, email addresses, and avatars.
Jira Admin
Github
To enable integration, Read access to the following is required:
Code
Commit statuses
Members
Metadata
Github Organization Owner
Salesforce
Nightfall DLP connected app package required the following permissions:
Access to identity url service
Access content resources
Manage user data via APIs
Perform requests at any time
A dedicated user with system administrator privileges in Salesforce can install the connected app package, and grant access to Nightfall via OAuth.
Slack
Slack Workspace Owner
Jira
Jira Admin