See what sensitive data lives in your Zendesk instance

Generate a free report of the sensitive data (like PII, PHI, and credentials) that's in your Zendesk tickets, comments, and attachments.
Customers can send you anything via support channels. This includes PII, credit card information, credentials, and more. This can pose security risk like data leakage and compliance risks around PCI, HIPAA, and more.
With our Zendesk scanner, scan your entire Zendesk instance for sensitive data, using Nightfall's proprietary detection engine. This app is powered by the Nightfall Developer Platform.
Get Started — or — Read our FAQs

Get started in 5 minutes

Step 1: Connect to Zendesk
Zendesk Subdomain

The part between https:// and in the URL of your Zendesk instance.

Zendesk Username

The username or email address you use to login to Zendesk as an admin.

Zendesk Token

API key you create in your Zendesk settings. Navigate to to set one up. You can revoke this at anytime.

Step 2: Your Email

You'll receive your scan results here as a CSV attachment.

Step 3: Configure Detection

This step is optional, but recommended. If you leave it blank, Nightfall will use a default detection rule, scanning for likely Credit Card Numbers, US Social Security Numbers, and API Keys. Setting your own detection rule will allow you to leverage the full power of Nightfall's best-in-class detection engine. Customize your detection settings with over 100+ pre-built detectors (spanning PII, PHI, PCI, and much more), custom detectors, exclusion/context rules, and more. Learn more about our detection engine in our Help Center.

Nightfall API Key

Create an API key on your Nightfall dashboard here.

Detection Rules

Your Detection Rules specify what you want Nightfall to detect, e.g. credit card numbers. Create a Detection Rule on your Nightfall dashboard here and copy over its UUID. Specify up to 10 Detection Rules, one per line.

By submitting this form, you agree to our Terms & Conditions and Privacy Policy.


Nightfall is the industry's first cloud-native data protection platform. Nightfall uses machine learning to discover, classify, and protect sensitive data like PII, PHI, and credentials. Nightfall integrates natively with cloud apps like Slack, GitHub, Google Drive, Confluence, and Jira, as well as provides a set of APIs for embedding best-in-class content inspection technology anywhere.

The report is sent via email as a CSV export. The report shows exactly what types of sensitive data are found and where in your Zendesk instance, so you can easily track it down. The fields include the item type (e.g. File), Zendesk ID, Zendesk permalink, the Detector (e.g. Credit Card Number), detection confidence (e.g. Very Likely), the character locations of the sensitive data, and more. The email will also contain a high level summary of the scan.

No, Nightfall does not retain your data. That is why this service sends results to you as a CSV attachment via email instead of a hosted dashboard. Once this email is sent to you, there is no retention on Nightfall's end about your Zendesk instance.

Yes, Nightfall scans both comments and file attachments. We cover common file types like plaintext, Office, PDF, images, and more.

Yes, there are certain limitations as a free utility. This utility will scan up to 500 items (e.g. files) or 500 MB of data. Files over 20 MB won't be scanned. We output the first 100 sensitive findings in the report.

Please email us or schedule a meeting to discuss running a complete scan & outputting a full report, as well as more of Nightfall's full platform capabilities.