Violation Status

The Status of a Violation implies the current state of the violation. For instance, a Violation whose status displays Notified, implies that the end-user whose actions caused the violation has been notified about their actions. They must now take appropriate actions.

When a new Violation is created in Nightfall, the status is Active. The status of the violation gets modified by one of the following methods.

  • Automatically: If you have configured either Admin alerting, end-user alerting, or have allowed end-user remediation, the status of the violation changes automatically.

  • Manually: If you apply an action on a Violation manually either from the Violations page or from any other platform, the status of the violation changes accordingly.

Status List

The various Status available in Nightfall are listed as follows.

Active

This status implies that the Violation is newly created and no action (not even notification about the Violation) is implemented.

Acknowledged

This status implies that the Nightfall admin has viewed acknowledged the Violation. A further action needs to be taken in future.

Notified

This status implies that the end-users have been notified about their actions that caused the violation.

Redacted

This status implies that the sensitive data that caused the violation, is redacted.

Quarantined

This status implies that the file or the entity that contained the sensitive data is quarantined from rest of the data.

Accepted

Rejected

Scheduled

Removed Internal Users

This status implies that the access to the file or entity that contains sensitive data is no longer accessible to the internal users of the organization.

Removed External Users

This status implies that the access to the file or entity that contains sensitive data is no longer accessible to the external users who are not part of your organization.

Link Settings Changed

This status implies that the file's (that contains sensitive data) access permissions have been modified.

Deleted

This status implies that the file or the entity that contained the sensitive data is deleted.

Ignored

This status implies that the Nightfall admin has ignored the violation either because its false positive or because they wish to look into it in the later.

Disabled Download

This status implies that the file that contains sensitive data has been disabled from downloading. This prevents any user from downloading the file.

Marked as Private

This status implies that the file or the entity containing sensitive data is marked as private.

Attachment Deleted

This status implies that the attachment that contains sensitive data has been deleted.

Sent to JIRA

This status implies that a new JIRA ticket has been created to represent this Violation.

Encrypted

This status implies that the sensitive data has been encrypted.

Blocked

This status implies that the entity containing the sensitive data has been encrypted.

Input Requested

This status implies that a notification has been sent to the end-user requesting justification for their actions that caused the violation.

Input Received

This status implies that the end-user has provided justification of their action(s) that triggered the violation.

Restricted to Owner

This status implies that the access to the file containing sensitive data is now restricted only to the owner of the file.

Deleted File

This status implies that the file containing sensitive data is deleted.

Moved to Recycle Bin

This implies that the entity containing sensitive data is moved to recycle bin.

Quarantined Email

This status implies that the email has been quarantined. A Nightfall admin must visit the quarantine settings in Gmail and take an action accordingly. This status is applicable only to Gmail.

Released Email

This status implies that the email was sent to the recipient after scanning. There were no actions taken on the email. This status is applicable only to Gmail.

Pending

These are the violations which have been notified to the end-users. However no action has been taken by the end-users or any other user.

Resolved

This status implies that the sensitive data issue in the violation has been addressed and thus the violation is resolved.

Expired

This status implies that the violations has been expired since no action has been taken even after the stipulated time period.

PreviousApplying Bulk Actions on ViolationsNextNightfall Alert Platforms

Last updated