Scan your application code for sensitive data on every CircleCI build
SAN FRANCISCO--(BUSINESS WIRE)--Nightfall AI, the first cloud-native data loss prevention platform which uses machine learning to discover, classify, and protect business critical data, and CircleCI, the leading continuous integration and continuous delivery (CI/CD) platform, have partnered to scan code commits and help prevent developers from inadvertently committing sensitive information. The Nightfall DLP CircleCI orb is intended to be used as a part of your CI pipeline to simplify the development process, improve security, and ensure teams never leak secrets or other sensitive information through an accidental commit on CircleCI.
“We’re excited to become a data security partner with CircleCI. Our pre-built orb will help engineering teams scan code and detect sensitive data by copying a simple line of code into a config file,” said Rohan Sathe, Chief Technology Officer at Nightfall AI. “By bringing Nightfall’s DLP technology into the development process, developers can avoid committing sensitive information in repositories and build with confidence.”
Developers are increasingly adopting CI/CD to automate and build software faster and more efficiently. CircleCI’s mission is to provide intelligent automation and delivery tools to help developers get from idea to execution. With CircleCI orbs, developers can share or reuse snippets of code to automate repeated processes, speed up project setup, and make it easy to integrate with third-party tools. Before using orbs, DevOps teams would sometimes spend days setting up a new system or feature, causing delays in shipping and the need to overhaul existing infrastructure.
The Nightfall DLP orb scans your code commits for sensitive information — like credentials and secrets, PII, credit card numbers, and more — and posts review comments to your code-hosting service automatically. Scan for API and cryptographic keys with the Nightfall DLP orb by default, or customize your scans via a config file to specify additional detectors, tokens to exclude, and files to include or exclude. Developers can now commit code confidently without worrying about sensitive information in the code repositories.
“Cloud security is critical these days. Nightfall’s DLP orb scans application code for sensitive data on every CircleCI build, protecting business-critical data so teams can focus on creating high-quality software,” said Tom Trahan, VP Business Development at CircleCI.
Nightfall AI (www.nightfall.ai) is building the control plane for cloud data. The Nightfall platform discovers, classifies, and protects sensitive data across cloud services like Slack & GitHub via machine learning & NLP. As the industry’s first cloud-native data loss prevention platform, Nightfall has scaled rapidly to a broad set of customers across the globe, ranging from hyper-growth tech startups to Fortune 100 enterprises. Nightfall has been deployed across consumer-facing & highly-regulated industries like healthcare, insurance, and education to address data leakage, exfiltration, and compliance risks around HIPAA, GDPR, CCPA, and more. Nightfall is backed by Bain Capital Ventures, Venrock, Webb Investment Network, and a cadre of high-profile operators, including CEO/executives at Okta, Splunk, FireEye and Salesforce.
CircleCI is the leading continuous integration and delivery platform for software innovation at scale. With intelligent automation and delivery tools, CircleCI is used by the world's best engineering teams to radically reduce the time from idea to execution. Founded in 2011 and headquartered in downtown San Francisco with a global, remote workforce, CircleCI is venture-backed by IVP, Sapphire Ventures, Owl Rock, NextEquity Partners, Scale Venture Partners, Threshold Ventures, Baseline Ventures, Top Tier Capital Partners, Industry Ventures, Heavybit, and Harrison Metal Capital. Learn more at circleci.com.