This is a DLP policy template that you can implement easily in the Nightfall platform.
| Description | Detect and automatically notify when secrets such as API keys are found in OneDrive accessible outside the organization or via public link. Automatically restrict access to the Owner. |
|---|---|
| Integration | Microsoft OneDrive |
| Use Case | Prevent Secrets Sprawl |
| Output Settings | Alert admins in Slack or Teams, automatically restrict access to Owner, recommend configuring alerting to SIEM, and automate remediations or alert end-users with remediation instructions and educational messaging to proper secrets handling to prevent future exposure. |
| Inclusions | Include drives and special folders you want to monitor. Scope permissions to files accessible outside the organization or via public link. |
| Exclusions | Select drives, folder paths, and file extensions you don't want to scan. |
These are the detection rules that will be applied within this policy, defining what types of sensitive data the policy is looking for.