The Nightfall blog is a knowledgebase for cybersecurity professionals with news and insights from the world of cloud security. Each week, we’re publishing new content to help you stay up-to-date on cybersecurity topics and to prepare you for the issues and threats that occur every day on the job.
We have a lot of exciting news to announce this month. The Nightfall Developer Platform has launched and is making it easy for developers to build data discovery, classification, and protection into any SaaS application or platform. In addition to sharing the Developer Platform with developers everywhere, we’ve also created a guide on how data protection and content inspection are connected, with an overview of the four requirements needed to build a robust content inspection program as part of your cloud security strategy .
Our engineering team is also providing new content this month. The Engineering Blog is the home of stories written by the builders of Nightfall’s products. Nightfall Co-Founder and CTO Rohan Sathe shares two pieces of writing: a brief history of Nightfall and the functionality that powers the Nightfall Developer Platform, and a contributed piece on Dataversity about how businesses can win trust with customers by prioritizing data security.
We’re also sharing announcements about Nightfall’s SOC 2 Type 2 certification and our newest DLP scanners for Intercom and Box.
Announcing the Nightfall Developer Platform – APIs for building data protection into any application
Nightfall’s vision is to power data protection in every app or service. Our native SaaS integrations for apps like Slack, GitHub, and Google Drive protect organizations of all sizes and across many different industries against data leaks with our machine learning-powered detection engine.
We’re launching the Nightfall Developer Platform to build the same power of data discovery, classification, and protection into any SaaS application or platform. We created the Developer Platform with developers in mind — our powerful APIs make it easy for developers and engineers to build data protection infrastructure. The Developer Platform provides access to the same high-accuracy, battle-tested detectors that power our native integrations.
Read more about the Developer Platform and start thinking about all the amazing things you can build with the power of Nightfall’s APIs.
4 Components of modern data protection and content inspection
What does content inspection have to do with cloud data security? The two ideas are very closely linked: security teams need to identify and manage sensitive content across all their applications, and do it in an easy and repeatable way. If data is accurately detected and classified, there’s no need for extensive data mapping exercises across thousands of tables, applications, and systems. Data is easy to find when content inspection is applied properly to SaaS systems.
The answer comes from confronting two main problems: the big data problem, and the distributed systems problem. Our blog post on the components of modern data classification and protection infrastructure breaks down the two major issues in content inspection, and what pieces are required to take on this concept.
I left the founding team at Uber Eats to build the developer tool I always needed
Nightfall Chief Technical Officer and co-founder Rohan Sathe took on a new passion after he left his role as founding engineer at Uber Eats: cloud data security. He worked with Isaac Madan, Nightfall CEO and co-founder, to build a solution that would allow security teams to view sensitive data and remove it in a way that nearly resembles native functionality by authenticating into cloud environments via API. This idea became what Nightfall is today — and the functionality that powers the Nightfall Developer Platform.
Rohan writes in his blog post on the history of the Nightfall Developer Platform, including how we approach consumer data protection with data visibility, data hygiene, and remediation, and how Nightfall delivers best-in-class data detection, classification, and protection via our APIs.
Welcome to Nightfall’s Engineering Blog
As our engineering team has developed new products and found solutions to problems and issues that come with building new things, we found an opportunity for them to tell their stories. That’s where the idea for the Nightfall Engineering Blog was born.
Engineering is a creative endeavor — we’re always striving to solve problems and find new ways to make things work across the tech stack. We’re bringing the creative minds of the Nightfall engineering team to our blog to tell the stories behind the challenges, learnings, solutions, approaches, and wins they encounter every day.
The debut post from the engineering blog is the introduction to our series where we openly share what we’ve achieved, with these shared learnings as guideposts for developers looking to build more scalable and reliable systems.
The State of cloud security: How businesses can win trust with customers
Cloud adoption is growing, which means the need for cloud security is increasing as well. Companies that handle customer information must have security procedures in place to protect their sensitive data. Cloud platforms like Slack and Google Drive often lack data security features that meet compliance standards like HIPAA, PCI-DSS, or GLBA.
Some of the biggest threats to customer data are manual error and insider threat. Data exposure from insider activity can occur in SaaS or IaaS environments. Nightfall CTO and Co-Founder Rohan Sathe writes in Dataversity on the importance of cloud-native data loss prevention programs for businesses and how these companies can prove to their customers that data security is a top priority with every transaction.
Nightfall Achieves compliance with SOC 2 Type 2 standard
We’re proud to announce that Nightfall has achieved Service Organization Control (SOC) 2 Type 2 compliance. With our SOC 2 Type 2 certification, we’re doubling down on our commitment to securing our customer data and maintaining strong security practices. As a company that provides protection for data such as personally identifiable information (PII), payment card information (PCI), and credentials, we understand the importance of staying in compliance and adhering to security best practices.
Read more about our SOC 2 Type 2 certification on the Nightfall blog.
Protect sensitive data in customer conversations with Nightfall’s Intercom DLP Scanner
Chat and messaging systems are the backbone of customer experience communications. When customers contact your business via platforms like Intercom, they can often share personal information that must be protected. Preventing the spread of sensitive data like personally identifiable information (PII), email addresses, and health information in Intercom messages is a security best practice.
Do you know what data customers are sending you via chat? Nightfall makes it easy to find the data you must protect with the Intercom DLP Scanner. Read more about the Nightfall Intercom DLP Scanner.
Secure sensitive data stored in files in Box with Nightfall’s Box DLP Scanner
Remote work is the norm in our world today. File sharing and storage platforms like Box have become essential pieces of digital infrastructure. Now, it’s more important than ever to ensure that the services we use for file sharing and cloud storage follow strict security and compliance policies.
Storing files in Box without proper security measures in place can increase the risk of data loss and exposure, as well as compliance violation risks with HIPAA, PCI, SOC 2, and other regimes. Protecting sensitive customer and corporate data in Box is an important part of your cloud security strategy. Nightfall makes it easy to find the data you must protect with the Box DLP Scanner.
A definitive guide to security analytics
Security analytics uses software, algorithms, and apps to analyze and detect security threats to IT systems. This approach may be more flexible and nimble for security teams to adopt over other options like security information and event management (SIEM) software, which is considered a complex, CPU-intensive process. Security analytics provides a structured view of real-time and historical data to help security teams spot anomalies and quickly address them before the attack can strike.
There’s a lot more to why security analytics could be the right fit for your company. Read more on how security analytics works on the Nightfall blog.