The Nightfall platform is lauded by customers for its high accuracy detection of sensitive data across a variety of cloud environments. This helps users save time by only surfacing the most relevant and most critical instances of sensitive data exposure. We’re always looking for ways to continue to build value in this area, and many of our feature updates like our new PHI detector and enhanced secrets detection releases accomplish this. Our newest platform-wide update, enhanced content preview, is intended to do the same by providing context that Nightfall users can see at a glance to triage alerts even quicker than before.
Getting a bird’s eye view with just a glance
A core focus of the Nightfall platform is to enable teams to reduce operational costs for managing the security of cloud platforms. Accurate findings help accomplish this, but one key attribute we always want to optimize for is actionability. Essentially, we’ve asked ourselves how we can help users determine which alerts should be triaged first, and ideally in a way without overwhelming them with information or too much context. We felt many of the UI and console changes we made last year were a step in the right direction, but wanted to build on these enhancements. The result is our new content preview feature. With it, users will find that alerts will:
- Contain the context needed to triage incidents efficiently, like leading and trailing characters that help contextualize what the finding is and why it was surfaced.
- Provide UI enhancements like color coding of confidence levels and a way to preview snippets of unredacted findings
- And more
Working with the new Content Preview UI
Within the Nightfall console, all alerts contain up to 100 leading and trailing characters around the content that triggered the Nightfall policy violation, which will allow you to glean fuller context about a specific alert. The alert will contain the content that specifically triggered the finding. Additionally, color-coded characters highlight what detector is triggered and the confidence level of the finding.
If you feel that the alert does not provide enough information, you can navigate to the exact location of the violation within the application being monitored for better context. Alternatively, if the finding is in a specific file, you can choose to download the file that triggered an alert (if applicable) so that you can manually review the content and triage its risk and impact yourself.
This allows Nightfall users to quickly scan, review and remediate alerts in one place in just a matter of seconds. We expect this feature to improve risk assessment and monitoring productivity by up to 90% with the UI and context allowing users to quickly and accurately act on relevant information.
Nightfall’s violations dashboard and UI is already a powerful tool for monitoring data security risk. The new Content Preview feature builds on this by allowing me to access this information in an intuitive way within each individual Nightfall alert. This 10 out of 10 feature has greatly increased our workflow for triaging sensitive data violations.
Eric Hoyt, Security Analyst, One Main Financial
If you want to better understand how Nightfall can improve your data security review and risk assessment workflows, scroll down below to schedule a meeting with us.