Creating Policies

Policies allow customers to create templates for their most common workflows by unifying a set of Detection Rules with the actions to-be-taken when those rules are triggered, including:

  • automated actions such as redaction of findings
  • alerting through webhooks

Once defined, a Policy may be used in requests to the Nightfall API, such as calls to scan file uploads, though automated redactions are not available for uploaded files at this time.

To create a Policy, navigate to the Developer Platform landing page in the Nightfall Dashboard, then click the Policies tab. This page displays a list of all active Policies for the Developer Platform. Click the "+ New Policy" button in the upper right-hand corner to create a new policy, and you should see a page like the image below.

  1. Provide a display name for your Policy as well as an optional description.
  2. Add one or more Detection Rules that you have previously defined (up to 20).
  3. Indicate whether or not you want to redact violations.
  4. To configure alerting, add a Webhook URL that will receive events when the Detection Rules are triggered. See more about Nightfall's requirements for Webhook Servers here.

After you click the "Save Policy" button, your policy should be immediately available for use. You can refer to the API Docs for the comprehensive list of endpoints that support policy UUIDs.