The Nightfall blog is a knowledge base for cybersecurity professionals with news and insights from the world of cloud security. Each week, we’re publishing new content to help you stay up-to-date on cybersecurity topics and to prepare you for the issues and threats that occur every day on the job.
There are many stories worth sharing this month, including:
- Last month, Nightfall launched Nightfall for Asana, the first and only DLP solution for the Asana ecosystem.
- Nightfall for Salesforce is now GA and has been updated to include a new violations monitoring feature.
- Interested in trying out our newest integrations? Nightfall has a number of free offers you can take advantage of. Learn more below.
- Learn about new product features for Nightfall for Google Drive and how you can take advantage of them.
- We're introducing five new core features for the Nightfall DLP platform, including exact file matching and out-of-the-box HTTP headers.
- Karim Beldjilali joins Nightfall as our CISO. Karim was a previous Nightfall customer and has more than 20 years of experience in security. Read our spotlight on Karim.
- Data leaks resulting from exposed secrets and credentials are becoming more common. Learn about the basics of secret scanning to protect passwords and API keys from exposure.
- A recent AstraZeneca leak, exposing Salesforce Cloud PHI through credentials in GitHub, provides an example of how cloud data exposure risk can occur.
Nightfall launches the first and only DLP solution for Asana
Nightfall has launched the first and only DLP solution for Asana. Like our other partnerships and native integrations, this new service in Asana is powered by the Nightfall Detection Engine. Using our machine learning detectors, Asana users will be able to find PII, PHI, PCI, secrets, credentials and more in places where they don’t belong. Learn more by reading the full post.
Now Available: Nightfall Expands Data Security and Compliance for Salesforce Customers
Available in AppExchange, Nightfall Data Security for Salesforce is capable of scanning Salesforce objects and fields in real-time for the PII, PHI, PCI, and other sensitive data types you deem to be inappropriately shared within your Salesforce sandbox and production environments. This month, we’re updating the Salesforce integration by enabling you to view violations through the Nightfall console. Leverage Nightfall’s dashboards to manage Salesforce violations and track and monitor violation trends over time. Learn more by scheduling time to speak with us.
Free offers from Nightfall DLP
Interested in trying one of Nightfall's newest integrations, or just want to learn more about Nightfall in general? Take advantage of some free offers:
- Free trial for any Nightfall integration. You can request a free trial for any Nightfall integration by going here and filling out the form.
- Free risk assessments for Zendesk, Jira, & Confluence. Anyone who has Zendesk, Jira, or Confluence can request a free risk assessment. We’ll scan your environment and provide a detailed report of exactly what types of sensitive data are there, which users are sharing the most sensitive data, and more.
New Product Features for Nightfall for Google Drive
In September, we introduced features that will allow you to “lock down” a file in Google Drive by preventing viewers and commenters from downloading, copying, or printing it. If you have a use case in Google Drive that centers around preventing data exfiltration, then feel free to reach out to us or request a free trial.
New Nightfall Platform Enhancements Makes Parsing and Managing Findings Easier
Nightfall customers have always lauded the platform’s ease of use and simplicity, but our team is always hard at work looking for ways to improve user experience. New features include:
- File fingerprint detector
- Detection within file Names
- MIME file type detection
- HTTP Headers for Webhook Alerts
- Webhook Alerts Findings Schema
Nightfall Employee Spotlight: Karim Beldjilali – CISO
We’re excited to introduce Karim Beldjilali, who just joined Nightfall as our CISO. Karim has over 20 years of experience working at large organizations such as New York Times, Sanofi, UBS and of late with rapidly growing startups such as Rightway. Karim brings deep familiarity with the Nightfall platform, having used it in prior roles. Read our recent interview with Karim.
The Essential Guide to Secrets Scanning
Recent studies found that a large majority of breaches are caused by stolen secrets & credentials, such as API keys. Learn how secrets scanning can help you proactively defend these from exfiltration risk.nterview with Karim.
Recent AstraZeneca Breach Illustrates Risk of Credential Leakage Across Cloud Apps
TechCrunch broke a story about pharmaceutical giant AstraZeneca, which experienced a leak affecting sensitive patient data. We think this incident is worth reviewing to learn more about how data exfiltration risk is distributed across the entirety of an organization’s SaaS infrastructure. Read our report on this breach to learn the takeaways.