It ties the secret to your organization using emails, account IDs*, or members of your GitHub organization**
*For AWS and GCP
**Regardless of the commit email used—cool, right?
Now you can view the details of the exposure in TruffleHog Enterprise
Expansive internet scanning
Scans the public internet for cloud service keys (like Google Cloud and AWS), including millions of push events on GitHub and NPM packages.
Go beyond domain matching
We go beyond domain matching and links leaks to specific account IDs for AWS and GCP.
On GitHub, Forager pulls members from the organization and monitors for leaks, regardless of commit email.
Monitoring and alerts
Alerts within minutes of a live key being detected, reducing the noise of false positives and irrelevant alerts.
Open-source flexibility
Supports more than 800 detectors, with the ability to add detectors easily through an open-source pull request.
*Note that scanning solutions that link to keywords result in a higher number of false positives—we're all about the true positives here.
