We are excited to announce that Nightfall DLP for GitHub now has two plans available: Pro and Enterprise. Both plans allow you to discover, classify and protect sensitive information in any GitHub organization by actively scanning your codebase for secrets, credentials, PII, and other business-critical data to notify you of data policy violations. The Enterprise plan provides the additional ability to scan the commit history of any repo within your GitHub org.
Here is what’s new
Monitor data policy violations without disrupting your developer workflow
The Nightfall for GitHub user interface is built for security admins. With the new UI, the detection engine, alert integrations, policies, and violation results are all managed in the Nightfall Dashboard (the same dashboard configured for all Nightfall products, for a single pane of glass to discover & protect data across the cloud). With Nightfall for GitHub, you can enforce data policies for GitHub on any public or private repo in real-time without disrupting your development team’s workflow.
Leverage pre-tuned detectors or build your own
Like with all Nightfall products, with Nightfall for GitHub there’s no tuning period necessary for our detectors. You can simply run them out of the box hassle-free and expect high accuracy . Additionally, from the dashboard you can create detection rules to set parameters like confidence thresholds or minimum count findings in order to limit alerts to specific criteria. You can also create your own detectors based on token types unique to your development environment. Use the same detection rules you’ve created across other apps connected to Nightfall to make it your single source of truth.
Streamline remediation tasks using Integrations with 3rd party tools: Slack, Jira or a SIEM.
Once you've configured the detection engine and set up real-time scanning in GitHub, you can review detected violations in Nightfall’s intuitive dashboard. You also have the ability to send alerts to Slack when new violations are detected, send tickets directly to your team’s Jira projects to create a remediation task or push scan results to a SIEM, reporting tool or webhook.
Resolve recurring violations once
Multiple violations at times can involve the same secret. As you review the violations tab, you can investigate each violation to review the details of the secret in question, the code snippet in GitHub and all other violations with the same secret. Once a violation has been resolved, you can easily resolve all other violations with the same secret as well. Nightfall for GitHub is now available in general release. Contact us at firstname.lastname@example.org or schedule a demo below.
Nightfall is the industry’s first cloud-native DLP platform that discovers, classifies, and protects data via machine learning. Nightfall is designed to work with popular SaaS applications like GitHub, Slack, & Google Drive as well as IaaS platforms like AWS. You can schedule a demo with us below to see the Nightfall platform in action.