Nightfall Product Launch 2026: The Future of Data Loss Prevention | Jan 15, 2026 10am PT / 1pm ET
Register Now
Blog

Nightfall Product Updates & News: Fall 2025

Anant Mahajan
November 14, 2025
On this page

Here's the latest product news and updates from Nightfall at a glance:

Nyx 2.0 now delivers:

  • Nightly Insider Risk Briefs summarizing top risks
  • Full-Screen Review Mode for distraction-free triage
  • Smarter Detection & Scoring with clearer reasoning
  • Stricter Guardrails to flag missing data
  • Prompt Cards & Prompt of the Month to uncover hidden exfiltration

AI-powered detection has grown to include:

  • 20+ new file classifiers for sensitive docs beyond keywords
  • Prompt-based detectors for entities and files, perfect for IP, R&D, and strategy docs

Exfiltration prevention now includes browser session checks, endpoint previews, Windows content inspection, device management APIs, and custom block messages.

Plus, DDR and Zendesk improvements streamline tagging, scanning, and remediation.

Read on for more details about each update and how to get started with early access.

Nyx (Autonomous DLP Analyst)

Nyx 2.0: Smarter, Faster, Clearer

Nyx just received a major upgrade focused on speed, clarity, and real-world Insider Risk workflows. These updates make it easier to identify high-priority risks, investigate user and data movement patterns, and take confident, targeted action - fast.

‍Nyx Insider Risk Brief
Nyx now delivers a nightly Insider Risk Brief, greeting you each morning with the top risks and notable events from the past 7 days. It's your fastest path to knowing exactly where to focus first.

Full-Screen Review Mode
We've added a focused, full-screen reader mode that makes reviewing Nyx findings easier and distraction-free. Ideal for daily triage, weekly review, and incident investigations.

Faster, More Accurate Results
Nyx is now faster and numerically more accurate, with improvements across detection, scoring, and summaries. Expect snappier responses and clearer reasoning built from real event data.

Stronger Guardrails
We refined Nyx's behavior to keep responses on-topic, scoped, and actionable. When Nyx doesn't have relevant data or cannot take an action, it will say so clearly—no guessing, no filler, no hallucinations.

Prompt Cards: Top 10 Questions to Ask Nyx
We've added a set of prompt cards to help you get more value, faster. Click a card to ask Nyx:

  • What are the top file upload destinations this week?
  • Which GenAI sites are used most often?
  • Summarize blocked events involving sensitive data.
  • Summarize blocked events involving regulated data.
  • Which destinations aren't mapped to any collection?
  • Which policies are generating the most alerts?
  • Who is syncing data to personal cloud accounts?
  • What insider risk activities were detected in the past 7 days?
  • Which users are transferring more data than their peers?
  • Were there any unusual spikes in data transfers?

These are perfect for daily triage, weekly reviews, and executive brief prep.

Nyx Prompt of the Month: Personal Cloud Sync Detection
Ever wondered who's syncing corporate data to their personal iCloud, GDrive, or Box accounts? Try this prompt in Nyx Chat:

"Identify users syncing data to personal cloud storage within the past 7 days. Include upload destinations, data volume, and risk level; exclude sanctioned business accounts."

It's a quick, powerful way to uncover hidden exfiltration risks.

Insider Risk Report Delivered Daily
We've started generating an Insider Risk Report every day, with results automatically posted to your Nyx chat. It'll be waiting for you each morning - so you can spot emerging insider risks before the day even begins.

If you don't see the report in your chat, reach out to support@nightfall.ai to be added to the delivery list.

AI-Powered Detection

Protect IP & Confidential Docs - Automatically

Join Early Access Program: support@nightfall.ai

We're rolling out our next set of 20+ File Classifiers - pre-trained models that identify sensitive document types based on structure, layout, and semantic meaning, not just keywords or entity matches. These classifiers detect documents that maintain a consistent purpose, even when formatting varies, filenames are generic, or text has been partially redacted or copied into new templates.

Examples of supported document categories:

  • Financial Statements & Revenue Reports
  • Internal Source Code & Engineering Artifacts
  • HR Records & Personnel Files
  • Contracts, NDAs, and Legal Agreements
  • Product Roadmaps & R&D Specifications
  • Tax Filings, Audit Docs, and Compliance Records

With a File Classifier Detector enabled, you can:

  • Detect intellectual property and confidential documents without relying on entity-by-entity rules
  • Protect sensitive content when it moves - whether shared inside the org or externally
  • Reduce policy complexity while improving detection precision across your workflow

This is ideal for data exfiltration prevention, IP protection, and insider risk monitoring across email, SaaS apps, and endpoint devices.

Build Custom Detectors in Plain Language - No Regex Required

Join Early Access Program: support@nightfall.ai

We're introducing Prompt-Based Detectors that let you define what you want to detect using a natural language description - no pattern tuning, training data, or model configuration needed. Just describe the document or entity type, provide one or two examples, and Nightfall will learn to detect content that matches your definition.

Two detector types now available in Early Access:

  • Prompt-Based Entity Detector - Describe an entity (e.g., "member id number" or "medical record number"), and we'll detect it anywhere it appears
  • Prompt-Based File Classifier - Upload an example document (e.g., loan document, investment memo, or underwriting file), and we'll detect documents like it - even when formatting changes

This is ideal for:

  • Protecting company-specific, high-value data (IP, strategy docs, R&D, deal memos)
  • Reducing reliance on complex regex rules or manual document labeling
  • Rapidly rolling out new detection logic as your business evolves

To join the Early Access Program, reach out to support@nightfall.ai. We'll help you set up your first detectors, validate accuracy on real workflows, and tune sensitivity & false-positive boundaries.

Data Exfiltration Prevention (DEX)

Browser User Session Check: Personal vs Business Accounts

Prevent data leaks to personal accounts with our new User Session Check capability. Nightfall can now distinguish between business and personal logins across major productivity and collaboration platforms, enabling you to block uploads from sanctioned corporate apps to unsanctioned personal accounts.

Supported domains include:

  • Google Workspace (Gmail, Drive, Docs, Calendar, Meet, Keep)
  • M365 (Teams, OneDrive, SharePoint, Outlook)
  • Cloud Storage (Box, Dropbox, iCloud)
  • Shadow AI (ChatGPT, Claude, Gemini, Copilot, Perplexity)

Example use case: Block users from uploading customer data from your corporate Google Drive to their personal Gmail account, or from copying sensitive code from your corporate Slack into personal ChatGPT.

Setup requirements:

  • Nightfall browser extension (enforced via MDM)
  • Updated agent profile with browser extension enforcement

Quick deployment guide:

  1. Navigate to Integrations > Endpoint macOS > Download Package
  2. Unarchive the .zip and locate NightfallAI_Profile_with_Browser_Extensions.mobileconfig in the profiles folder
  3. Push this profile via your MDM to enforce browser extension across your fleet

For detailed MDM-specific deployment steps, follow the instructions here and here

Endpoint Exfiltrated Asset Preview & Download (Early Access)

You can now preview and download exfiltrated assets directly in the console, alongside contextual details like user, source, destination, and sensitive content. This update streamlines evidence collection and makes investigations faster and more actionable.

Note: This feature is not enabled by default. To join the early access program, please contact your account team.

Windows Now Supports Content Inspection for File Uploads!

Windows devices now offer the same content inspection–based exfiltration monitoring as macOS - detecting sensitive data such as PII, PCI, PHI, secrets, and credentials in file uploads to browsers and cloud storage apps.

Device Management API

New endpoint management capabilities for programmatic oversight of your agent deployment:

  • Device inventory API - Retrieve comprehensive agent status, version information, and installation details via GET https://api.nightfall.ai/v1/endpoint/devices

Custom Block Messages

Enhance user education and engagement at the moment of policy enforcement:

  • Customizable block messaging - Tailor both title and body text shown to users during unsanctioned data transfers (file uploads, cloud storage sync, clipboard operations, etc.)
  • Contextual user guidance - Provide specific instructions and education when users attempt unauthorized actions

Data Detection & Response (DDR)

Zendesk Enhancements

Enhanced policy control and automation capabilities for Zendesk ticket monitoring:

  • Tag-based filtering - Include or exclude tickets from scanning based on tags for precise policy scope control
  • Automated tagging and private comments - Automatically apply tags when sensitive content is detected and leave private internal comments when remediation actions occur (redaction, attachment deletion, or marking tickets private)

Schedule a live demo

Tell us a little about yourself and we'll connect you with a Nightfall expert who can share more about the product and answer any questions you have.
Not yet ready for a demo? Read our latest e-book, Protecting Sensitive Data from Shadow AI.
<1---->

© 2025 Nightfall AI. All rights reserved.

Terms of ServicePrivacy PolicySecuritySecurity
Twitter X LogoFacebook LogoLinkedIn LogoLinkedIn LogoYoutube Logo