Nightfall Ai launched the industry’s very first autonomous data loss protection platform. It introduced an AI agent which automatically investigates security incidents, and tunes policies with no human intervention. This breakthrough could reshape the way enterprises protect sensitive information at a time of increasing cyber threats.
Nightfall Nyx, the new platform from San Francisco-based startup Nightfall, represents a fundamental change in comparison to traditional data loss prevention tools that rely heavily on manual rule-setting. The system uses an AI agent that mimics the work of security analysts. It automatically prioritizes threats and differentiates between legitimate business activity and genuine security risks. In an exclusive interview with VentureBeat, Rohan Sathe (CEO and co-founder at Nightfall) said that security teams are drowning under alerts, while sophisticated insider threats slip past legacy DLP systems. When analysts spend hours investigating false negatives only to find that real threats were not detected because they did not match a predefined pattern then organizations aren’t losing time, but also losing control over the most sensitive data. The global cybersecurity market is estimated at approximately $173 billionis expected to be reached in 2023 Data protection is expected to account for a large portion of this growth, which will reach $270 billion in 2026.
AI Impact Series Returns To San Francisco – 5 August
Are you ready for the next phase of AI? Join leaders from Block GSK and SAP to get an exclusive look at the ways autonomous agents are reshaping workflows in enterprise – from end-to-end automated to real-time decision making.
Reserve your seat now as space is limited. https://bit.ly/3GuuPLF
How AI-powered detection reduces false alerts by 80%
Traditional DLP has long frustrated security teams due to their accuracy rates that can be as low at 10 to 20% according to Sathe. These legacy platforms rely heavily upon pattern matching and regular-expressions to identify sensitive information, creating a continuous stream of false alarms that require manual investigations.
Sathe explained that “you end up hiring a SOC analyst who will sift all the false positives.” “With an AI native approach to content classifying, you can get this to 90, 95% accurate.”
Nightfall Nyx integrates three AI-powered components – advanced content classification that uses large language models (LLMs), computer vision and data lineage tracking to understand where information originates and moves, and autonomous policy optimization based on user behavior over time. Sathe explained that the platform’s AI agent sits on top of this detection infrastructure, and “basically mimics what a DLP SOC analysts would do.” “We’ll be looking at all the incidents Nightfall surfaces on the dashboard and making recommendations for what to investigate urgently. Then we’ll make policy tweaks that will differentiate between real business workflows and things that are actually harmful.” Shadow AIis a tool that employees use to access unauthorized AI tools. ChatGPT Claude or Copilot to perform work tasks, exposing sensitive corporate data inadvertently.
Nightfall captures actual content that is pasted, typed, or uploaded into AI tools. It also shows the data lineage of where the information came from. The system can monitor prompt level interactions across major AI platforms such as ChatGPT Microsoft Copilot and Claude. Gemini Perplexity
Sathe said, “It is a bit meta because AI is identifying the risks of AI usage.” The platform analyzes the content shared with AI apps, tracks where it originated, and determines if usage patterns represent normal business activities or potential security breaches.
Customer adoption surges after accuracy rates reach 95% in enterprise deployments
Nightfall’s approach has gained traction with enterprise customers looking for alternatives to legacy solutions. Microsoft Google as well as other traditional cybersecurity vendors. According to Sathe, the company now serves hundreds of customers and processes “hundreds” of terabytes of data a day across deployments that support over 50,000 employees.
Retailer of furniture Aaron’s is a great example of the customer value proposition. The company struggled with an old DLP solution which generated too many false positives while monitoring Slack communication. “They were like, Wow, we can really reduce the time that we have to investigate all these things,” Sathe said. Because most of what you’re surfacing are legitimate, Sathe added.
Rapid adoption reflects broader frustrations with traditional approaches. Nightfall’s endpoint DLP capabilities achieved 20% penetration within six months, a metric Sathe cited as evidence of a strong product-market match.
Nightfall competes with established players such as Microsoft Purviewis bundled with enterprise Office 365 licensing, as are dedicated DLP vendors such as Forcepoint Symantec (19459062) and newer entrants. Sathe, however, argues that bundled solution carry hidden costs as a result of the human labor required to manage incorrect positives. “Hiring, training, and having people spend time on DLP, when they could be doing other things, is dollars in the end,” said Sathe.
The lightweight architecture of the company, which uses APIs-based integrations instead of network proxies, allows for faster deployment in comparison to traditional solutions, which can take up to six months to implement. Sathe says that Nightfall customers usually see results within weeks, not months.
Nightfall’s AI-native architecture is the key to its differentiation. Nightfall uses machine learning (ML), which is automatically improved through “annotation driven supervised learning,” a process that the company calls.
While legacy systems need extensive manual tuning to minimize false positives. This allows the system distinguish between routine business activity and genuine security threats, without extensive manual configuration.
This deployment model emphasizes frictionless integration through lightweight endpoint applications and API integrations to popular SaaS apps. This is a stark contrast to traditional DLP solutions, which often require complex network changes and long tuning periods.
Nightfall has raised approximately $65 million to target regulated industries that are hungry for IP protection. The company has raised $65 million in funding and is targeting regulated industries such as healthcare, financial services and technology, as well as legal and manufacturing. The company is particularly interested in organizations that deal with intellectual property protection. Traditional DLP solutions are unable to identify and protect proprietary data.
This broader market opportunity is a reflection of the convergence of several technology trends, including the continued migration to cloud workflows, the explosion in AI tool adoption by enterprises and the increasing regulatory scrutiny surrounding data protection. Recent high-profile incidents of data breaches and insider threats have raised data loss prevention to a board level concern for many organisations.
The future of cybersecurity is autonomous agents replacing manual security operations.
As companies continue to adopt AI tools, they are also grappling with the evolving data protection requirements. Solutions that can automatically adapt and minimize operational overhead while simultaneously adapting to new threats represent the next evolution in enterprise safety. Nightfall’s initial success suggests that the market has a ready-made demand for intelligent, autonomous data security systems that go beyond the limitations of rule-based systems.
Nightfall’s platform’s ability of providing contextual incident summaries – such as “Employee downloaded a file containing 200 records of customer PII from Salesforce to a personal Google Drive while working remote” – represents the type actionable intelligence needed by security teams to respond to threats effectively.
The focus of the company on eliminating manual tuning burdens that have long plagued DLP implementations addresses a fundamental problem that has limited adoption. If successful, the approach could accelerate enterprise adoption and improve security across industries that handle sensitive information.
This shift to autonomous security operations is part of a larger transformation in enterprise software where AI agents are increasingly handling tasks that used to require human expertise. The promise of truly autonomous data security may finally fulfill the industry’s long-held goal of security that works at the speed of business.
VB Daily provides daily insights on business use-cases
Want to impress your boss? VB Daily can help. We provide you with the inside scoop about what companies are doing to maximize ROI, from regulatory changes to practical deployments.
Read our Privacy Policy.
Thank you for subscribing. Click here to view more VB Newsletters.
An error occured.
Want to impress your boss? VB Daily can help. We provide you with the inside scoop about what companies are doing to maximize ROI, from regulatory changes to practical deployments.
Read our Privacy Policy.
Thank you for subscribing. Click here to view more VB Newsletters.
An error occured.
