Security

Truffle Security is founded by career security experts with specializations in Application, Infrastructure, and Offensive Security. Those experienced perspectives influence all of our products and platform features.

TruffleHog is developed by a team led by security experts. Security is our passion and our primary concern. All features are developed with best practices in mind.

Authenticate with secure SAML 2.0 or OAuth 2.0 workflows for users and never worry about username and password breaches.

Each customer’s installation of TruffleHog is hosted in its own private environment with an isolated database instance, which is encrypted at rest.

TruffleHog runs on nearly any system, so you can run from our secure and isolated servers, or choose your own. With our on-premise offering, you can scan sources on your internal network, scan in-region to reduce bandwidth costs, and ensure your source credentials never leave your infrastructure with a local configuration.

Every deployment of TruffleHog receives randomly generated and securely stored infrastructure credentials.

The details of your findings are never sent to third parties.

Scanning for secrets occurs in memory so that the scanned data is never persisted to storage.

Only metadata about where a secret is found and redacted information about the credential is stored.

Deployments and updates are automatic and behind the scenes, so you’re always using the latest and greatest.