Learn how to set up the Nightfall DLP for GitHub and protect your data from leakages.
GitHub is a service that allows you to store and manage your code and other assets within repositories.
Nightfall DLP for GitHub protects your data, like API keys and secrets, from leakages that could happen when using GitHub. Nightfall scans commits to Git repositories, identifies sensitive information, and prevents it from being leaked.
Nightfall for GitHub supports the following cloud editions of GitHub:
Enterprise Cloud
Enterprise Servers
For Teams and Startups
You can install and authorize the Nightfall DLP app package in GitHub.
Make sure the following requirements are fulfilled before you get started.
Learn how to set up alerts on Nightfall for GitHub
Nightfall sends alerts in real-time to the channels or platforms you configure. You can configure the following alerts:
Slack Alerts
Webhook
Jira Tickets
The Nightfall for GitHub integration allows you to configure alerts at the policy level and also at the integration level.
When you configure alert settings at the integration level, they apply to all the policies created for the Nightfall for GitHub integration. However, when you configure alert settings for a specific policy created in the GitHub integration, they apply only to that policy.
This document explains how to configure alerts at the integration level. To learn about how to configure alerts at the policy level, read this document.
To use Slack as an alert method, you must first perform the required Slack configurations. You can refer to this document to learn more about how to configure Slack as an Alert platform.
To use Webhook as an alert method, you must first perform the required Webhook configurations. You can refer to this document to learn more about how to configure Webhook as an Alert platform.
You can configure alerts at the integration level once you have installed the Nightfall for GitHub integration.
To configure alerts at the integration level:
Navigate to the Nightfall for GitHub integration.
Scroll down to the Alerting section.
Nightfall provides you with the following alert methods.
Slack: Enter the name of the Slack channel to which the violation notifications from this integration must be directed and click Save.
Email: Enter the Email ID of the recipient to whom the violation notification must be sent and click Save.
Webhook: Enter the Webhook URL and HTTP headers.
JIRA: Select the JIRA project, issue type, enter comments, and click Save changes.
When you configure alerts to a Webhook, Nightfall AI sends occasional posts to the Webhook:
To validate that the Webhook is properly configured before the policy is saved.
Periodically thereafter, to ensure that the Webhook is still valid.
The response to these test Webhook posts is a 200 status code if successful.
An example of Webhook request is as follows.
This is part of alert event consumption and can be ignored.
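One way to receive these posts, shown as an added example that is not Nightfall's code: the endpoint accepts a post only if it carries a secret you entered in the Webhook HTTP headers field, and answers 200 to every authenticated post so the validation and periodic checks succeed. The header name `x-alert-token`, the secret, the port and the handler names are assumptions; the page does not show the request format, so the body is treated as opaque JSON.

```python
import hmac
import json
from http.server import BaseHTTPRequestHandler, HTTPServer

# Assumptions, not Nightfall values: you choose the header name and secret and
# enter them in the Webhook "HTTP headers" field of the integration.
AUTH_HEADER = "x-alert-token"   # hypothetical header name
MAX_BODY = 1 << 20              # refuse bodies over 1 MiB

def handle_post(headers, body, secret):
    """Decide the response for one POST: returns (status, event or None)."""
    # Header names are case-insensitive, so normalise before the lookup.
    supplied = {k.lower(): v for k, v in headers.items()}.get(AUTH_HEADER, "")
    # Constant-time comparison; an unset secret never authenticates anyone.
    if not secret or not hmac.compare_digest(supplied.encode(), secret.encode()):
        return 401, None
    if len(body) > MAX_BODY:
        return 413, None
    try:
        event = json.loads(body)
    except ValueError:
        # Authenticated but not JSON: acknowledge with 200, nothing to process.
        return 200, None
    return 200, event

class AlertHandler(BaseHTTPRequestHandler):
    secret = "replace-with-your-secret"  # placeholder

    def do_POST(self):
        try:
            length = int(self.headers.get("Content-Length", "0"))
        except ValueError:
            length = 0
        body = self.rfile.read(min(max(length, 0), MAX_BODY + 1))
        status, event = handle_post(dict(self.headers.items()), body, self.secret)
        if event is not None:
            # Hand the event to your own queue here; avoid logging its content.
            print("alert event received:", type(event).__name__)
        self.send_response(status)
        self.end_headers()

if __name__ == "__main__":
    # Listens locally; terminate TLS in front of it before exposing the URL.
    HTTPServer(("127.0.0.1", 8080), AlertHandler).serve_forever()
```
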
Learn how to install Nightfall DLP for GitHub
You can install Nightfall for GitHub via the . The Nightfall app for GitHub requires the following permissions:
Read access to code, commit statuses, and metadata
Read and write access to issues and pull requests
Nightfall has an option to notify developers of violations via email. The Nightfall app for GitHub also needs read and write permissions on issues and pull requests so that it can tag developers in pull request comments for violations in a commit or a pull request.
To install from Nightfall's console:
Go to Nightfall's dashboard.
Click GitHub under My Integrations. The GitHub Account Information screen displays. If GitHub is not listed under My Integrations but is in Available Integrations, please reach out to your Nightfall contact.
Click + Add Org. The GitHub sign-in page displays.
Log in to the GitHub instance where you wish to install Nightfall for GitHub. If you are already logged in to your GitHub account, you only need to enter the password.
If you have enabled multi-factor authentication (MFA) on your GitHub account, you receive an authorization code. You must enter this code to continue the installation process.
Ensure that the All repositories radio button is selected on the Authorization page. This ensures that all of your GitHub repositories are monitored by Nightfall. Nightfall recommends selecting this option. To monitor only a specific set of repositories, select the Only select repositories radio button and select the required repositories.
Click Install and Authorize.
Nightfall for GitHub is now successfully installed. You can check your GitHub username under the Account Information section of the GitHub integration.
This section explains how you can modify the repository settings configured while installing Nightfall for GitHub. This section helps you in the following scenarios.
While installing Nightfall for GitHub, you have allowed only a few repositories to be monitored by Nightfall, and now wish that Nightfall monitors more or all of your GitHub repositories.
While installing Nightfall for GitHub, you have allowed all your GitHub repositories to be monitored by Nightfall and now wish only a few repositories to be monitored.
To modify Repository settings:
Log in to the GitHub account on which Nightfall for GitHub is installed.
Click the name icon on the extreme right corner and select Settings.
Select Applications under the Integrations section from the left menu.
Select Configure for the Nightfall for GitHub application.
Scroll down to the Repository access section and make the necessary changes.
Click Save.
If you select only some specific repositories to be monitored by Nightfall and later on wish to monitor more repositories or all the repositories, refer to