Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Nightfall

Nightfall Enables Advanced Secret Detection with Enhanced Machine Learning API Key Detector

Compromised secrets and credentials are the most common cause of data breaches and are often left unmanaged. In the past year alone, we’ve seen sustained growth in supply chain attacks and security incidents impacting the security of secrets stored in code repos or unknowingly shared within SaaS applications. Because of this, there is a compelling need for reliable, accurate, and actionable secrets detection for modern organizations.

Nightfall's New PHI Detector Improves Security Automation for Healthcare Orgs

With Nightfall’s enhanced PHI detection capabilities, which are based on an advanced combination of logic and context, it is very easy to identify specific instances of PHI unique to organizations. What’s even better is that all of this can be automated and tie seamlessly into existing customer workflows.

Understanding the basics of Cloud Security: What is Zero Trust & Why does it Matter?

Cybersecurity professionals are tasked with the difficult job of protecting their organization's data from malicious actors. To achieve this goal, zero trust security has become an essential tool for organizations. But what exactly is zero trust? In this post, we’re going to separate signal and noise by disambiguating the term zero trust. We’ll talk about what it is, why it matters, and key takeaways you should have regarding the state of cybersecurity in 2023.

Nightfall 2022 in Review: A Look at the Exciting Developments in the Past Year

The demand for cloud security continues to increase in the face of supply chain attacks affecting the security of hundreds of thousands of organizations on platforms like GitHub. These concerning developments are among the reasons why we’re building Nightfall and are top of mind as we pursue our vision of enabling data security everywhere in the cloud. 2022 has been a busy and exciting year for us here at Nightfall as we’ve built out the platform in response to these developments.

ISO 27001:2022 and the new requirements for Data Leakage Prevention

The ISO 27001 is one of the most recognized security standards for private sector organizations across the globe and is often required by prospective enterprise customers, helping organizations unlock new business opportunities. ISO 27001 was recently updated along with its companion guidance standard ISO 27002. The updated title for this standard is ISO/IEC 27001:2022 Information Security, Cybersecurity, and Privacy Protection.

How can Cyber Security Playbooks and Runbooks Benefit Your Security Program?

You probably don’t need anyone to tell you that, today, infosec and cybersecurity are challenging and fast-paced endeavors. In the last five years alone, we’ve seen a myriad of industry altering developments — from an ever expanding universe of privacy compliance legislation and the permanent entrenchment of hybrid and remote work, to growth in the size and scope of data breaches — the world of security has proven ever complex and ever-shifting.

2022 in Review: 4 Lessons We've Learned from 2022's Largest GitHub Breaches

2022 revealed that security challenges remain for organizations leveraging GitHub. Between supply chain attacks, API key leaks, and other security risks, there are plenty of lessons and takeaways from this year’s GitHub-related headlines. In this post, we’ve rounded up and categorized the year’s largest GitHub stories. Read on to learn more about the types of security risks occurring in GitHub and the lessons you’ll want to take with you into 2023 and beyond.

Cryptojacking Attacks See Growth Despite Weak Year for Cryptocurrency

2022 has seen a slowdown for the cryptocurrency ecosystem, as well as a decrease in demand for cryptocurrency-related activities like cryptomining. Even before the catastrophic implosion of the FTX cryptocurrency exchange, multiple market bubbles (from failed exchanges other than FTX) and events like Ethereum’s highly anticipated transition from proof of work to proof of stake have dampened enthusiasm for cryptocurrencies.