Attack surfaces are a fundamental concept within information security. However, attack surfaces can be constituted of different things. For example, some formulations of an attack surface include not just software and hardware, but the people using them. In this post, we’re going to cover four common types of attack surface, discuss how you should think about the risks associated with each type, and best practices for addressing these risks.

For many companies, a business credit card is part of the organization’s lifeblood. As such access to it must be vigilantly maintained. One potential area of risk is employees sharing credit card details in collaborative SaaS applications like Slack, where these details are at significant risk of being exposed to unauthorized parties.

Nightfall’s Cloud DLP platform helps you limit access to sensitive data, by protecting the data where it is stored. With Nightfall you can redact, delete attachments, or make the data private in one click or via automated actions.

The proliferation of sensitive data continues to grow unabated, particularly for support agents using Zendesk. The Zendesk’s CX Trends 2022 Report found that ticket volume had increased across all channels, with webform/email up 10% YoY and chat up 17% YoY.

In today's interconnected world, modern organizations face an ever-increasing array of cybersecurity threats. One of the most effective ways to protect sensitive data and ensure zero trust data security is by fostering a strong culture of security awareness among employees.

Advancements in AI have led to the creation of generative AI systems like ChatGPT, which can generate human-like responses to text-based inputs. However, these inputs are at the discretion of the user and they aren’t automatically filtered for sensitive data. This means that these systems can also be used to generate content from sensitive data, such as medical records, financial information, or personal details.

Organizations are rapidly adopting SaaS and cloud infrastructure with 72% of orgs saying they’re defaulting to cloud-based services when adopting new tech according to Foundry (formerly IDG communications). For early adopters of cloud technology, their SaaS count may be north of 1,000 apps according to McAfee. Organizations who have no plan for their data when migrating to cloud are in for—forgive the pun—cloudy skies. We’re not afraid to use this analogy because.

Cloud privilege escalation is a growing concern for organizations as they embrace cloud-based infrastructure and services. To address the risks associated with privilege escalation, it's vital to implement robust security practices. In this post, we’ll cover privilege escalation as it relates to cloud security risk and the best practices for mitigation.

We're excited to share that Nightfall has been named as a Leader in Data Loss Prevention (DLP) in G2's Spring '23 rankings. Huge thank you to our customers and supporters who made this possible, and to our dedicated team who works so hard to keep their cloud data safe. This year has been a busy one, with the release of our Advanced Secrets Detection, that provide detailed metadata about discovered API keys, like whether they're active

It’s no exaggeration to say that APIs are the backbone of the modern digital economy. API usage has seen staggering exponential growth over the last two decades with sources like Postman's 2022 State of the API Report illustrating just how embedded APIs are into our modern world. In 2022, the Postman API platform saw 20 million users and over 1 billion API requests created.