Deepwatch

Customers
/
Deepwatch

Learn how Deepwatch improves cloud visibility into SaaS apps and Generative AI tools.

The Deepwatch team of over 400 experts offers round-the-clock threat detection and response to enterprise customers. As a leader in managed security, Deepwatch turns to Nightfall AI for 360-degree cloud coverage, visibility into generative AI tools like ChatGPT, and seamless security workflows.

Industry
Security
Integrations
ChatGPT
Slack
Jira
Google Drive
Salesforce
Confluence
Region
US, East
On this page

Introduction

The Deepwatch team of over 400 experts offers round-the-clock threat detection and response to enterprise customers. As a leader in managed security, Deepwatch turns to Nightfall AI for 360-degree cloud coverage, visibility into generative AI tools like ChatGPT, and seamless security workflows. 

Challenges

Deepwatch, the leading managed security platform for the cyber resilient enterprise, chose Nightfall AI to accomplish three main goals: 

  • Improve cloud visibility to SaaS apps and generative AI (GenAI) tools like ChatGPT
  • Streamline workflows and minimize false positive alerts 
  • Mitigate insider risk through education of security policies

Deepwatch provides managed detection and response, and actively works as an extension of other enterprise security teams. Nightfall AI helped Deepwatch achieve their goals and improve their own rigorous security posture.

Solutions

Improving visibility across the cloud

As a cloud-based security platform that spans several highly regulated industries, Deepwatch needed to detect a wide range of data, from PII and PHI to secrets and keys. However, Deepwatch’s past cloud DLP solution didn’t provide satisfactory visibility or remediation options for SaaS apps and GenAI tools like Slack, Jira, Salesforce, Confluence, Google Drive, or ChatGPT. 

“The switch to SaaS apps leaves a very large hole that not a lot of solutions can fill… But I can say from my experience that Nightfall AI has brought us a solution at every corner.” 

“We solved for the cloud [visibility] piece by plugging Nightfall into our APIs,” explains Mason Goshorn, Deepwatch’s Information Security Engineer. “We turned on every single detector, and got such good visibility that we then were able to scope down and use built-in metrics to determine which detectors we cared about the most.” 

“Nightfall catches scenarios that we wouldn’t have thought of.”

Nightfall’s real-time visibility and remediation came in particularly handy with the recent rise of GenAI. When Nightfall reached out with news about the Nightfall for ChatGPT extension, Goshorn had already been thinking about how Deepwatch could protect against ChatGPT: “I didn’t need to develop that custom level solution because Nightfall, as an industry leader, was already thinking about it.” 

Creating accurate, automated workflows

Deepwatch’s previous cloud DLP solution relied on regexes for sensitive data detection. They also had a lengthy remediation process that stole valuable response time. When looking for a new solution, Deepwatch prioritized detector accuracy as well as lower operational costs. They turned to Nightfall with those two “must-haves” in mind. 

“[Nightfall] provides sub-second responses to policy violations.”

Unlike many competitors that rely on regex-based detection, Nightfall deploys neural network embeddings to understand the context surrounding possible violations. The result? Significantly increased accuracy and fewer false positive alerts. As an added bonus, each of Nightfall’s detectors can also be fine-tuned according to customers’ specific policies and risk tolerances. “Nightfall has the best true positive rate out of any other tool I’ve used,” says Goshorn. “Now, when [an alert] comes in, it’s guaranteed to be something that needs immediate eyes on it.” 

“I don’t think there’s any tool that beats [Nightfall] on timed remediation.”

However, the benefits of AI-powered DLP go far beyond accuracy. Deepwatch leverages Nightfall’s AI capabilities to automate alerts and remediate violations from Slack. This significantly reduces not only the cost of monitoring, but also the time it takes to respond to a violation. Goshorn weighs in: “From an admin perspective, [alerting and remediation] over Slack is super useful. From a security perspective, the fact that I can set automated response actions in my policies that instantly redact or quarantine [makes] workflows super smooth.”

“I don’t recall any other product that fits what Nightfall does, and that has the same workflow and priorities… Since onboarding Nightfall, [getting alerts via Slack] has allowed us to be more streamlined and fluid.”

Mitigating insider risk

Nightfall has “Next-level maturity when it comes to insider risk or data loss prevention in cloud apps,” says Goshorn. This is, in part, due to Nightfall’s end-user remediation feature, which serves a twofold purpose: First, it provides an opportunity for end-users to learn about company policies in highly specific situations, thereby reducing insider risk. Second, it significantly reduces security team workloads by encouraging employees to remediate sensitive data themselves. 

“It’s nice to know that we’re covered from that [insider risk] scenario. It gives us peace of mind.”

Conclusion

Overall, Deepwatch improved their cloud visibility, streamlined their security workflows, and mitigated insider risk, all with the help of Nightfall AI's innovative and efficient platform. “Accuracy and speed are the main reasons I’d recommend Nightfall,” summarizes Goshorn. “Now I have no doubt that if someone puts something in Google Drive or Slack, I’m going to know about it and respond [quickly] to it.” 

However, Goshorn went on to say that there’s more to a good security solution than just the product itself. “I have a very high level of confidence in what the Nightfall product does and what their people do. That’s not always the case for security tools. You might be confident in the product, but not in the people. Having both sides makes Nightfall a great holistic offering.”

Read more Customer Stories

#21ae68
Discover how Nightfall streamlined secrets and keys detection in GitHub for Klaviyo
quote mark
By preventing sensitive data from reaching our code repositories, we reduce the chances of data exposure. For us, DLP is the ability to reduce risk for the company and allows us to build customer trust.
Read Case Study
Shaun DeWitt
Shaun DeWitt
Director of Security Operations
#3b2fc9
See how Nightfall ensures the highest levels of compliance for Flatfile
quote mark
We use Nightfall as a preparation for our compliance qualifications. Before Nightfall, we used the built-in tools within these platforms for data security, like Google’s quarantine alerts. We found that they were too trigger happy and couldn’t fulfill our compliance needs.
Read Case Study
Robbie Trencheny
Robbie Trencheny
Infrastructure Security Team Lead
Nightfall Mini Logo

Getting started is easy

Install in minutes to start protecting your sensitive data.

Get a demo
Nightfall Brand Logo
Newsletter

Subscribe to our newsletter to receive the latest content and updates from Nightfall

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

By registering, you agree to the processing of your personal data by Nightfall as described in the Privacy Policy.

Compatible with
Hipaa logo
HIPAA
PCI-DSS logo
PCI
CCPA Logo
GDPR/CCPA
SOC 2 Logo
SOC 2

© 2024 Nightfall. All Rights Reserved.

Terms of ServicePrivacy PolicySecurity
Twitter LogoFacebook LogoInstagram LogoLinkedIn Logo