Skip to content

Nightfall DLP API Token

Service Name: Nightfall AI

Service Description: Nightfall is a cloud data loss prevention (DLP) platform that helps organizations discover, classify, and protect sensitive data across cloud services, applications, and databases. It uses machine learning to detect and secure PII, PHI, PCI, and other sensitive information.

Service Address: https://nightfall.ai/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured through the Nightfall dashboard for API access.

Secret Access Scope: Grants programmatic access to Nightfall's DLP API, allowing scanning of content for sensitive information, managing detection rules, and retrieving scan results.

Secret Revokement URL: https://app.nightfall.ai/settings/developer

Secret Example: nf-api-key-12345678-90ab-cdef-1234-567890abcdef

Suspicious Activity Investigation Instructions:

  • Review the Nightfall audit logs for unusual API calls or scanning activities.
  • Check for unexpected data scanning volumes or patterns.
  • Monitor for changes to detection rules or configurations.
  • Verify if the API key was used from unusual IP addresses or locations.
  • Review any integrations that might be using the compromised API key.

Mitigation Instructions:

  • Log in to the Nightfall dashboard at https://app.nightfall.ai/
  • Navigate to Settings > Developer section.
  • Locate the compromised API key.
  • Click Revoke or Delete to invalidate the key.
  • Generate a new API key if needed.
  • Update any legitimate applications or services with the new API key.
  • Consider implementing more restrictive IP allowlisting for API access.
  • Review and update your secret management practices to prevent future exposures.