Michael Osakwe

December 2, 2022

The Atlassian ecosystem provides thousands of companies with the ability to collaborate remotely through powerful, feature-rich SaaS applications like Confluence. Over the least year, the rise of remote work has meant many companies have hosted their internal information hubs on Confluence. As such tools become the norm across companies, big and small, the amount of sensitive information stored in these systems will increase.

Michael Osakwe

December 2, 2022

The last decade has seen a dramatic rise in data breach risk, with data breach incidents increasing nearly 840% between 2005 and 2019 according to the Identity Theft Resource Center. In this guide, learn about the growing problem of sensitive data exposure and how to use the Nightfall Developer Platform to easily build tools to identify and remediate this problem.

Michael Osakwe

December 1, 2022

We’re excited to introduce Jeannie Liou who joined Nightfall as our Director of Product Marketing. With an extensive background in product marketing, Jeannie has a storied marketing career working with companies such as Apple, Rubrik, and Snowflake. She brings with her a deep knowledge of building out product positioning and messaging that resonates with customers, as well as a passion for technology that improves the way we work, transact, and collaborate.

Emily Heaslip

November 30, 2022

The rise of cloud, containers, and microservices has shifted the way software developers work for good. Whereas traditionally, software developers would release a new version of an application every few months, today’s platforms allow teams to work faster and more streamlined. These advancements have led to the rise of “software, safer, sooner” — also known as DevSecOps.

Michael Osakwe

November 29, 2022

As with most SaaS applications, within Salesforce it is your organization’s responsibility to determine whether Salesforce’s default security settings meet your specific security and compliance obligations.Read this online guide, for free, to learn about the problem of data exposure in Salesforce and how to ensure compliance with HIPAA, PCI, and other leading industry standards while storing sensitive data in Salesforce.

Michael Osakwe

November 23, 2022

Environments like GitHub present data exposure risk in the form of secrets leakage and sensitive PII leaking from repositories. Read this online guide, for free, to learn about the problem of secrets exposure and leakage in GitHub, as well as how to easily implement secrets detection and scanning to prevent this risk.

Michael Osakwe

November 22, 2022

When Uber was breached in September, the hacker remained undetected until they announced their presence within the org via Slack. This incident provides yet another example of Slack being leveraged by an attacker. In this post, we’re going to review some of the ways attackers have used Slack in breaches, why this is happening, and what you can do about it.

Michael Osakwe

November 18, 2022

Many states in the US have data privacy and protection statutes as part of their legal codes. For the most part, these codify what types of PII/PI constitute a data breach, as well as when and how an entity doing business should communicate with customers if a data breach occurs.

Nick Kings

November 11, 2022

The Brazilian General Data Protection Law (LGPD) came into effect on August 16, 2020. The law creates new rights for individuals with respect to their data and imposes significant obligations on companies that process personal data. This guide will provide an overview of the key provisions of the LGPD and explain the steps that companies must take to comply with the law.

Michael Osakwe

November 10, 2022

Nightfall customers have always lauded the platform’s ease of use and simplicity, but our team is always hard at work looking for ways to improve user experience. This month, we’ve made multiple features GA across the platform, that will further your ability to further customize what content and files trigger Nightfall detectors as well as the ways you can ingest this data.

Michael Osakwe

November 9, 2022

The Nightfall blog is a knowledge base for cybersecurity professionals with news and insights from the world of cloud security. Each week, we’re publishing new content to help you stay up-to-date on cybersecurity topics and to prepare you for the issues and threats that occur every day on the job.

Michael Osakwe

November 4, 2022

Yesterday, TechCrunch broke a story about pharmaceutical giant AstraZeneca, which experienced a leak affecting sensitive patient data. We think this incident is worth reviewing to learn more about how data exfiltration risk is distributed across the entirety of an organization’s SaaS infrastructure.

Michael Osakwe

November 2, 2022

While API keys are a necessary part of modern software development, they can also be a major security risk. If an attacker is able to steal an API key, they can gain access to the data and resources that key is meant to protect. There are a number of steps you can take to protect your API keys, secrets, and credentials and prevent them from being stolen. One such method that we will cover in depth in this guide is secret scanning.

Michael Osakwe

October 28, 2022

When Karim is not speaking at security conferences and ensuring Nightfall institutes security best practices, you can find him sitting at the piano playing Beethoven or Rachmaninoff, writing music of his own, or outside either in nature hiking, swimming, or exploring the concrete jungle that is New York City.

Emily Heaslip

October 27, 2022

The threat landscape in IT is ever-evolving, with new risks arising practically daily. Trying to anticipate the next type of threat can feel a little like playing whack-a-mole. Instead, IT teams are focusing on vulnerability management: reducing the opportunities for hackers and other bad actors to find a weakness in cyber defenses.

Michael Osakwe

October 20, 2022

With the rise of cloud-based applications, data loss prevention (DLP) has become an increasingly important part of information security. DLP refers to the policies and technologies used to prevent sensitive data from being lost or stolen. In the context of SaaS, this can include both the security measures implemented by the SaaS provider and the steps taken by the customer to protect their data. In this blog post, we'll provide a more detailed overview of what SaaS DLP is, why it's important, and how you can go about setting up a DLP strategy for your business.