
Key stats:
- 650 employees protected
- 5 SaaS platforms integrated with unified DLP policies
- 50% reduction in DLP violations across all platforms
- 90% faster mean time to response with automation: from one hour to less than one minute
- 40 hours saved per month
The Problem: Protecting Customer Data Across Fragmented SaaS Environments
As Latin America's leading financial services company powered by crypto, Bitso handles massive volumes of personally identifiable information (PII) from both customers and employees. Ulises Chombo Martínez, Security Operations Lead at Bitso, knew the company needed a comprehensive data loss prevention (DLP) solution to protect sensitive information from being shared through insecure channels or exfiltrated by bad actors.
They needed a comprehensive approach to transform their data protection strategy from fragmented, reactive monitoring to proactive, unified protection across all critical SaaS applications. With Nightfall, they are creating a security-aware culture while maintaining operational efficiency.
Use Case #1: Unified DLP Policies Across Multiple SaaS Platforms
Bitso needed a way to manage different DLP rules across various technologies. Their previous approach required applying separate rules for each platform: email, Google Drive, Slack, and endpoint, but these systems lacked the sophisticated detection capabilities of a purpose-built DLP solution.
"We tested a lot of different DLP tools and solutions with different providers, but with Nightfall, we saw that the maturity of the platform, the detectors, and the violation rules were at a high maturity compared to other tools," says Ulises. "With Nightfall, we can concentrate all our technologies in just one platform and apply the same DLP rules for all the technologies we want to cover."
Use Case #2: Advanced Contextual Detection
Other DLP solutions Bitso tried failed to detect PII in low-resolution images or screenshots where sensitive data had been blurred. Even more problematic was the lack of contextual understanding—legacy DLP solutions would flag innocuous content without any context, creating excessive false positives.
"With the support the Nightfall team gives us, we can configure the right way to catch this information. With other tools, this was one of the biggest issues that we saw," says Ulises.
Use Case #3: Automated Incident Response and User Education
Manual DLP processes were time consuming for the Bitso team, requiring analysts to review each detection, quarantine content, and manually notify users. This process would take up to an hour per incident.
Nightfall's automation capabilities handle the entire incident response workflow: automatically detecting violations, quarantining sensitive content, sending customized notifications to users, and allowing users to mark false positives with business justification.
"The mean time to respond was reduced a lot with the automation features in Nightfall. The reduction in time and processes was amazing. We saw more than 90% in mean time to response,” says Ulises.
Use Case #4: Protecting All Data, Anywhere Across Bitso's Technology Stack
Bitso’s security team found an opportunity to strengthen security and compliance practices throughout various internal channels such as Slack, and prevent sensitive information from accidental exposure.
Simultaneously, customer support representatives handling sensitive customer information through Zendesk saw the benefit of robust protection against potential data exfiltration while maintaining their ability to deliver efficient customer service. Nightfall AI provided Bitso with a unified solution that addressed all these challenges through comprehensive monitoring across their entire SaaS ecosystem. The platform integrates seamlessly with Jira and Confluence to detect when developers accidentally include credentials or sensitive technical information in their work, automatically redacting the content and notifying users to prevent system compromises.
The Solution: Comprehensive SaaS Protection with Intelligent Automation
Nightfall AI exceeded Bitso's expectations by providing mature, enterprise-grade DLP capabilities across all their critical SaaS platforms. The solution protects Slack, Google Drive, Confluence, Jira, and Zendesk with unified policies and intelligent detection.
Benefit #1: Seamless Slack Integration Without User Disruption
Unlike other solutions that required visible bot installations in channels, Nightfall's API integration with Slack operates invisibly. This was crucial for Bitso's change management strategy.
"Implementing a DLP solution can be tricky because people will think you’re spying on them if they can see the solution,” says Ulises. “Nightfall is invisible to our users because we integrate Nightfall by API with Slack. With other tools we tried, everyone could see the application in private or public channels, and this added a lot of noise for us.”
Benefit #2: Intelligent Automation with User-Friendly Remediation
Nightfall's automatic end-user remediation capabilities set it apart from competing solutions. When violations are detected, the system automatically quarantines content and sends customized notifications to users, who can then mark items as false positives with business justification.
For customer support operations, Nightfall monitors Zendesk interactions to prevent both accidental and intentional sharing of customer PII and financial information outside approved channels, ensuring compliance without disrupting service quality. Nightfall continuously monitors Slack conversations, Google Drive file sharing, and Gmail communications to detect inappropriate sharing of sensitive information, automatically alerting users and providing education on secure sharing practices.
"You can customize notifications and give users agency to mark false positives and provide business justification for their actions. We didn't find this feature in other tools," says Ulises.
Benefit #3: Contextual Detection with Custom Detectors
Nightfall’s ability to create custom detectors with proper context resolution eliminated the false positive problem that Bitso saw with other solutions. Our machine learning capabilities learn from user feedback to continuously improve detection accuracy. This collaborative approach to machine learning optimization ensured Bitso would consistently achieve high detection accuracy quickly, minimizing the operational burden of managing excessive false positives while maintaining comprehensive protection of their sensitive data across all SaaS platforms.
"The engineering team helped us fine tune our detectors, after we saw many false positives with other solutions,” says Ulises. "They taught us how to train the machine learning inside the tool to detect what could be a false positive versus a true positive. They helped us improve all of these capabilities with hands-on help."
Benefit #4: Enhanced Trust with a Mature Platform
During Bitso's DLP evaluation process, one competing solution demonstrated concerning signs of immaturity that raised red flags about their enterprise readiness. When Bitso requested specific detection capabilities that weren't available in the vendor's current offering, the vendor was unable to communicate a robust product management and development process.
When Bitso proposed potential enhancements to Nightfall, the product and engineering teams shared an action plan to evaluate, develop, and test these new capabilities with robustness and security in mind. Ulises saw the careful, methodical approach that enterprise customers expect right away from Nightfall.
“Nightfall demonstrated the enterprise maturity that we require for our security critical environment,” says Ulises. “The team explained their established process for evaluating feature requests, provided QA testing in development and pre-production environments, and ensured that any changes wouldn't break our existing deployments. The transparency about realistic development cycles and commitment to stability over speed gives us confidence that we have a partnership with a mature vendor that prioritizes platform reliability and customer success over quick wins.”
The Result: Cultural Transformation and Security Awareness
Within one year of implementation, Bitso achieved remarkable improvements across all monitored platforms:
- Slack violations: Reduced by 65%
- Google Drive violations: Reduced by over 97%
- Jira violations: Decreased by 90%
- Overall DLP violation reduction: Over 50% in just one year
The automation capabilities delivered immediate operational benefits. Tasks that previously required manual analyst intervention—detection review, content quarantine, and user notification—now complete automatically within seconds rather than hours.
Beyond the technical improvements, Nightfall became integral to Bitso's security culture. After an initial six-month socialization period, employees began to understand and embrace the DLP program.
"Nightfall has become a regular fixture here at Bitso. With some tools like Mimecast, not everyone knows how they work, but the Nightfall solution has become known throughout the entire company," says Ulises.
Nightfall now serves as a critical component in Bitso's security investigations and is woven into their overall security tapestry. The fast implementation, easy deployment, and mature solutions that Nightfall provides to Bitso have made DLP one less thing for their security team to worry about.