Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

December 2022

Nightfall 2022 in Review: A Look at the Exciting Developments in the Past Year

The demand for cloud security continues to increase in the face of supply chain attacks affecting the security of hundreds of thousands of organizations on platforms like GitHub. These concerning developments are among the reasons why we’re building Nightfall and are top of mind as we pursue our vision of enabling data security everywhere in the cloud. 2022 has been a busy and exciting year for us here at Nightfall as we’ve built out the platform in response to these developments.

ISO 27001:2022 and the new requirements for Data Leakage Prevention

The ISO 27001 is one of the most recognized security standards for private sector organizations across the globe and is often required by prospective enterprise customers, helping organizations unlock new business opportunities. ISO 27001 was recently updated along with its companion guidance standard ISO 27002. The updated title for this standard is ISO/IEC 27001:2022 Information Security, Cybersecurity, and Privacy Protection.

How can Cyber Security Playbooks and Runbooks Benefit Your Security Program?

You probably don’t need anyone to tell you that, today, infosec and cybersecurity are challenging and fast-paced endeavors. In the last five years alone, we’ve seen a myriad of industry altering developments — from an ever expanding universe of privacy compliance legislation and the permanent entrenchment of hybrid and remote work, to growth in the size and scope of data breaches — the world of security has proven ever complex and ever-shifting.

2022 in Review: 4 Lessons We've Learned from 2022's Largest GitHub Breaches

2022 revealed that security challenges remain for organizations leveraging GitHub. Between supply chain attacks, API key leaks, and other security risks, there are plenty of lessons and takeaways from this year’s GitHub-related headlines. In this post, we’ve rounded up and categorized the year’s largest GitHub stories. Read on to learn more about the types of security risks occurring in GitHub and the lessons you’ll want to take with you into 2023 and beyond.

Cryptojacking Attacks See Growth Despite Weak Year for Cryptocurrency

2022 has seen a slowdown for the cryptocurrency ecosystem, as well as a decrease in demand for cryptocurrency-related activities like cryptomining. Even before the catastrophic implosion of the FTX cryptocurrency exchange, multiple market bubbles (from failed exchanges other than FTX) and events like Ethereum’s highly anticipated transition from proof of work to proof of stake have dampened enthusiasm for cryptocurrencies.

The Essential guide to Data Loss Prevention in Confluence

The Atlassian ecosystem provides thousands of companies with the ability to collaborate remotely through powerful, feature-rich SaaS applications like Confluence. Over the least year, the rise of remote work has meant many companies have hosted their internal information hubs on Confluence. As such tools become the norm across companies, big and small, the amount of sensitive information stored in these systems will increase.

The Essential Guide to Data Protection & Security with the Nightfall Developer Platform

The last decade has seen a dramatic rise in data breach risk, with data breach incidents increasing nearly 840% between 2005 and 2019 according to the Identity Theft Resource Center. In this guide, learn about the growing problem of sensitive data exposure and how to use the Nightfall Developer Platform to easily build tools to identify and remediate this problem.

The Essential Guide to Data Loss Prevention (DLP) in Jira

The Atlassian ecosystem provides thousands of companies with the ability to collaborate remotely through powerful, feature-rich SaaS applications like Jira. As such tools become the norm across companies, big and small, the amount of sensitive information stored in these systems will increase. This means that organizations need to prioritize minimizing the risk of exposure within cloud environments.