UNEARTH
Your
Secrets
UNEARTH
Your
Secrets
TruffleHog is an open source secret-scanning engine that helps resolve exposed secrets across your company’s entire tech stack.
TRUFFLEHOG
Digs deep
TruffleHog scans for sensitive keys in hidden content and version history from commonly used tools across your company
TRUFFLEHOG
Digs deep
TruffleHog scans for sensitive keys in hidden content and version history from commonly used tools across your company

SIGNAL
SIGNAL
TruffleHog’s open source engine actively verifies 700+ unique credential types against the key provider to eliminate false positives.

REMEDIATIONS
REMEDIATIONS
TruffleHog’s remediation workflows ‘shift-left’ key rotation by automating a secret remediation process with the developer who leaked the key.

Open source
BY THE
NUMBERS
Open source
BY THE
NUMBERS
Security tooling should be transparent and open.
50
K+
Times run per day
6
K+
Daily installs
14
M+
Downloaded over 7 million times
11
K+
GitHub stars
Our scanning engine and integrations are open source so that we can all transparently and openly collaborate together on improving security.

Our Customers
Our Customers
“TruffleHog is elegant security design. It operates in a standalone manner, and I get a notification in Slack when I need to do something to resolve an alert. It’s seamless.”
Jake King
Co-founder of CMD & Tech Lead @ Elastic Security
“TruffleHog is elegant security design. It operates in a standalone manner, and I get a notification in Slack when I need to do something to resolve an alert. It’s seamless.”
Jake King
Co-founder of CMD & Tech Lead @ Elastic Security
“TruffleHog solves a large problem in the industry, and the validation piece within TruffleHog is something that we love. It doesn’t just show us a billion secrets that have been leaked, it validates and focuses on the secrets that we need to remediate in order to prevent a bigger problem.”
Yashvier Kosaraju
VP of Security, Comp

Take control of your secrets with TruffleHog. Contact us to get started on a free 7-day trial.