This is a DLP policy template that you can implement easily in the Nightfall platform.
| Description | Detect and automatically block secrets such as API keys from being shared via Gmail, Notify the user |
|---|---|
| Integration | Gmail |
| Use Case | Prevent Secret Sprawl |
| Output Settings | Alert admins in Slack or Email, recommend configuring alerting to SIEM, and alert end-user with educational messaging on proper handling of secrets to prevent future exposure. |
| Inclusions | All email is monitored |
| Exclusions | No exceptions or exclusions to this policy are permitted, as any data shared via email or similar tools would cross the secure boundary of the company's IT infrastructure and systems. |
These are the detection rules that will be applied within this policy, defining what types of sensitive data the policy is looking for.