Nightfall is:

• Agentless. Nightfall isn't deployed as software that requires installation, rather it integrates with the applications we secure through APIs. This makes deployment easy and updates to our platform effortless, without getting end-users or IT involved.

• API driven. Central to Nightfall is the API driven nature of our platform. Connecting with cloud platforms via API means that visibility and security policies immediately apply at the application layer. Nightfall can derive platform-specific context & metadata, as well as provide granular, platform-specific actions, versus broad-brush blocking on the network.

• Agnostic. Nightfall is platform, endpoint, and network agnostic in that we’re capable of integrating with cloud platforms quickly and can provide single pane of glass visibility across multiple cloud apps simultaneously. Via our Developer platform, you can also provide coverage for applications we don't natively integrate with, including your own custom apps be they cloud-based or on-prem.

• Automated. Nightfall doesn't just provide visibility into the cloud, but helps automate policies whenever possible. The sheer volume of data that moves through cloud systems combined with the always-on nature of cloud applications means that incidents can happen at any time and will require immediate remediation. Automation ensures that security teams can respond to these as quickly as possible.

• Accurate. Finally, in order to help security teams process the massive amounts of data in the cloud, cloud-native DLP must be accurate. The accuracy of Nightfall is enabled by the same systems that allow us to automate detection — an effective use of machine learning that can quickly and accurately identify when business-critical data has been exposed.

See the diagram below to understand the coverage provided by Nightfall.

Nightfall has several key benefits, including:

• Reductions in both the cost and occurrence of data breaches. Nightfall limits the exposure of things like credentials and secrets, which are a common cause of data breaches. Nightfall also limits the exposure of PII and other business critical content, which means that if a breach does occur, its impact is minimized

• Nightfall generates time savings by helping automate the task of discovering, classifying, and appropriately remediating sensitive and business-critical data.

To learn more, see our ROI calculator: https://nightfall.ai/roi-calculator

Unlike traditional IT environments, cloud systems have no perimeter in the traditional sense. Historically, security revolved around keeping intruders out and hardening systems explicitly owned by an organization. However, the entire point of cloud adoption is to enable data to be wherever it needs to in order to be useful. As such, data itself is best thought of as part of your organization’s attack surface — the more data you have, the bigger your data exposure risk.

1. The cost of exposures tends to be higher in the cloud

Data is growing rapidly in the cloud and many organizations don’t have the best handle on the data proliferating within cloud silos. The end result is that basic policy violations have the potential to expose a massive amount of records. We discussed this very issue in an article published in ITProPortal. In that post, we revealed that just five cloud data leaks in 2020 exposed nearly 27 billion records. The data was derived from our 16 year breach report published earlier in 2021. In the report, we illustrated that misconfigurations in cloud systems, especially those like AWS S3 and Elasticsearch, can result in disproportionately higher numbers of exposures because of the volumes of data stored in these systems.

SaaS systems aren’t exempt from this risk either. Systems like GitHub can contain secrets that can be used to access other systems and collaborative tools like Google Drive, Jira, and Confluence may have files that are exposed publicly due to permissions misconfigurations. The commonality with all cloud exposures is that they can go on indefinitely until an organization is notified by an altruistic third party, or until they acquire the tools that let them see any data exposures.

2. Security and IT teams are stretched thin

It’s no secret that the cybersecurity industry is currently undergoing a skills shortage and that, at the same time, the costs of breaches are rising. This leaves security professionals in the hard spot of triaging risk, possibly leaving gaps in some organizations’ security programs. Having a solution that can intelligently automate security tasks and only alert on events that are critical.

3. It’s very difficult to consistently enforce proper data policies in the cloud

One of the key problems organizations face regarding security and compliance is ensuring that employees are aware of best practices and verifying that they’re following these guidelines. Without sufficient visibility into cloud systems, this can be very difficult to do for the reasons we’ve highlighted above.

4. The cloud shared responsibility model requires it

The shared responsibility model, best articulated by AWS, requires organizations to understand their risks and have the ability needed to address them. Organizations should begin this work by identifying and mapping critical cloud security areas to processes and solutions that are relevant. Ty Sbano, Sisense’s Chief Security & Trust Officer, briefly illustrates how resources like CIS’s representation of the shared security model could be used to help with this process in the segment below.

A common misconception is that Cloud Access Security Brokers (CASBs) can accomplish the same level of DLP protection as cloud-native DLP solutions. CASBs are deployed as proxies and sit between the network layer and the cloud application layer allowing them to inspect traffic traveling between your network and designated cloud environments. The limitations of CASBs stem primarily from the fact that they can only inspect network traffic, and do not natively integrate with cloud applications or infrastructure.

A summary of differences between Nightfall’s Cloud DLP and CASBs is shown below.

Nightfall recommends you to read the Why Cloud DLP? document and then proceed with this document.

Nightfall is the industry’s first AI-native data leak protection platform. Nightfall integrates directly with cloud apps and data infrastructure to discover, classify, and protect sensitive information. Typical use cases for Nightfall include data loss prevention (DLP), data classification, and content moderation. Nightfall has pre-built integrations for popular cloud apps like Slack, GitHub, Google Drive, Confluence, Jira and Salesforce; and also offers the ability to integrate with any application or data flow via our Developer Platform.

With Nightfall:

• Identify where you have risks related to sensitive information exposure in the cloud.

• Protect sensitive information, for example by removing it from where it doesn’t belong.

• Add content inspection and remediation capabilities to any third-party application, without agents or proxies.

• Leverage machine learning (ML)-based detection for smarter results, with high accuracy, easy tuning, and fewer false positives.

• Configure and customize data detection policies that meet your organization’s unique needs, such as allowing data to exist in one location but not another.

Nightfall provides 150+ ML-based detectors out of the box to identify and remove a wide range of sensitive data, helping organizations to implement a holistic approach to data stewardship across their cloud ecosystem, and to comply with SOC 2, HIPAA, PCI, CCPA, and client requirements.

Nightfall is backed by Bain Capital Ventures, Venrock, Webb Investment Network, and a cadre of high-profile operators, including CEO/executives of Okta, Splunk, FireEye, Atlassian, and Salesforce.

Learn more about Nightfall here.