TRUFFLEHOG

TRUFFLEHOG

ENTERPRISE

ENTERPRISE

TruffleHog™ Enterprise operationalizes secrets scanning and facilitates remediation throughout the Software Development Lifecycle.

TruffleHog™ Enterprise operationalizes secrets scanning and facilitates remediation throughout the Software Development Lifecycle.

Continuous scanning across your entire SDLC

Secrets scattered across your SDLC—from Git repos to CI logs—pose serious risks. A single leak can trigger security breaches, legal trouble, and reputational damage.

Slack

GitHub

GitLab

Jira

Confluence

S3

Bitbucket

Jenkins

Artifactory

Buildkite

Gerrit

Git

Teams

SharePoint

Google Drive

Azure DevOps

Docker

TruffleHog digs deep
TruffleHog digs deep

TruffleHog searches through commit histories, comments, archives, encoded text, and more.

TruffleHog searches through commit histories, comments, archives, encoded text, and more.

20+ integrations and counting
20+ integrations and counting

TruffleHog Enterprise continuously monitors your source code, chat platforms, wikis, ticketing systems and more, integrating seamlessly with your development workflows.

TruffleHog Enterprise continuously monitors your source code, chat platforms, wikis, ticketing systems and more, integrating seamlessly with your development workflows.

Secrets leak everywhere

Secrets leak everywhere

Credential compromise is a leading cause of breaches, costing companies billions.

They leak out in a variety of ways, and typically stay active for a long time after exposure.

Credential compromise is a leading cause of breaches, costing companies billions.

They leak out in a variety of ways, and typically stay active for a long time after exposure.

An overview of
TRUFFLEHOG ENTERPRISE

An overview of
TRUFFLEHOG ENTERPRISE

TruffleHog Enterprise runs across all your platforms quietly in the background and only alerts when verified secrets are leaked.

Intuitive Dashboard

TruffleHog's dashboard provides a comprehensive overview of scans, tailored alerts, and prioritized remediation actions.

Secret Verification

TruffleHog’s open-source engine scans 800+ credential types, directly verified with key providers for unmatched scan accuracy. No triaging false positives or inactive keys.

Run Anywhere

TruffleHog can be run on-premises or from our secure, isolated cloud instances. This makes TruffleHog a great option for scanning on your internal network.

Continuous Monitoring

TruffleHog monitors key liveness for remediation. Customized alerts and messages are sent to developers with how to rotate instructions.

Automatic Updates

Updates are automatically pulled by your scanners for new integrations, supported secrets, remediation workflows, and more.

Prevent Leaks

TruffleHog’s pre-commit and pre-receive hooks for developers prevent keys from being leaked in the first place.

TRUFFLEHOG ENTERPRISE
extends open-source

Open-source

FREE!

Enterprise

GitHub, S3, directory, GCS , and Docker scanning

800+ secret detectors

GitHub actions, pre-commit, and pre-receive hooks

Custom regex and secrets verification

Automatic updates

19+ Integrations (GitHub, Confluence, JIRA, Slack, More)

Choice of on-premises and cloud scanning

Continuous monitoring

Intuitive dashboard

Alerting

Monitor vast public datasets

Single sign-on: SAML 2.0 or OAuth 2.0

Role-based access control

Deployment and onboarding support

On-going priority technical  support

Detailed analytics and reporting

TRUFFLEHOG ENTERPRISE
extends open-source

Open-source

FREE!

Enterprise

GitHub, S3, directory, GCS , and Docker scanning

800+ secret detectors

GitHub actions, pre-commit, and pre-receive hooks

Custom regex and secrets verification

Automatic updates

20+ Integrations (GitHub, Confluence, JIRA, Slack, the list goes on...)

Choice of on-premises and cloud scanning

Continuous monitoring

Intuitive dashboard for secrets management

Alerting and detailed analytics and reporting

Monitor vast public datasets with Forager

Single sign-on: SAML 2.0 or OAuth 2.0

Role-based access control

Deployment and onboarding support

On-going priority technical  support

AVAILABLE AS AN ADD-ON

TRUFFLEHOG
FORAGER

TRUFFLEHOG
FORAGER

Scan the internet

Scan the internet

Forager scans millions of pushes to public GitHub and all of NPM for live keys, and attributes them back to your organization. It correlates email addresses, account IDs and other attributes back to you.

Forager scans millions of pushes to public GitHub and all of NPM for live keys, and attributes them back to your organization. It correlates email addresses, account IDs and other attributes back to you.

Cmd eliminates secrets injected into codebase

"We knew that there was a ton of exposure that was possible through the software that we were building. Secrets being injected into our codebase were inevitably going to happen. We had a ton of developers building a lot of software and we were moving super super fast. When you move fast, mistakes happen."

Jake King, Co-founder & Chief Security Officer, Cmd

Find out how Cmd was able to elevate its security posture by automating secrets detection with TruffleHog.

Read the case study

Cmd eliminates secrets injected into codebase

"We knew that there was a ton of exposure that was possible through the software that we were building. Secrets being injected into our codebase were inevitably going to happen. We had a ton of developers building a lot of software and we were moving super super fast. When you move fast, mistakes happen."

Jake King, Co-founder & Chief Security Officer, Cmd

Find out how Cmd was able to elevate its security posture by automating secrets detection with TruffleHog.

Read the case study

Take control of your secrets with TRUFFLEHOG

Contact us to protect your data across the entire SDLC

Get started

Take control of your secrets with TRUFFLEHOG

Contact us to protect your data across the entire SDLC

Get started