Welcome to
TruffleHog
TRUFFLEHOG
Enterprise
SEE IT IN ACTION
The enterprise version of TruffleHog provides everything you need to operationalize continuous secrets scanning across your company. TruffleHog runs across all your platforms quietly in the background and only alerts when verified secrets are leaked.
INTEGRATIONS
Scanning integrations to cover your entire SDLC
Slack
GitHub
GitLab
Jira
Confluence
S3
BitBucket
Jenkins
Artifactory
Buildkite
Gerrit
Git
MS Teams
Identify, Prevent
AND
Remediate
secrets leaks across all the platforms from a single pane of glass.
Goodbye, false positives
Eliminate false positives with over 700 secret detectors that support automatic API verification. When a new key is found, TruffleHog will check the key against the provider to determine what the key has access to. No more worrying about triaging false positives or dead keys.
X-ray sniffer
Many secrets can be found outside of plaintext files. TruffleHog’s decoders can find those secrets in PDFs, images, encoded text, executables and much more!
Private key private investigator
We find lots of private keys with TruffleHog. So we continuously index over 12,000,000,000 public keys from Certificate Transparency and GitHub SSH to immediately know which private keys are sensitive. We call this technology Driftwood and it’s Open Source and integrated with TruffleHog.
Yours or ours
TruffleHog can be run on-premises or from our secure isolated cloud instances. This makes TruffleHog a great option for scanning on your internal network.
Automatic evolution
New updates to TruffleHog are automatically pushed to your instance to ensure that new integrations, supported secrets, remediation workflows, and patches are added as they become available.
Shifting left
TruffleHog’s remediation workflows shift the responsibility of rotating each key to the person that leaked it. For example, TruffleHog can auto-file and assign jira tickets to the leaker or Create Slack channels to remind and verify leak remediation automatically.
Thorough historian
Most source code and document history are buried in the past. We scan all current and previous versions, attachments, artifacts, comments, and logs of our integrations to ensure a deep analysis is performed.
Ever vigilant
An AWS credential posted publicly on GitHub is compromised in minutes, often leading to crypto mining, ransomware, or worse in your cloud environment. Truffle Security monitors your public and private data sources in real time to enable you to take action when it matters most.
Secrets deflectors
TruffleHog’s pre-commit and pre-receive hooks for developers prevent the keys being leaked out in the first place. Also, our various CI/CD integrations provide additional assurances that prevent secret leaks before they reach production systems.
TruffleHog is a security tool, built by a security passionate community. Checkout everything we are doing to secure TruffleHog.
Take control of your secrets with TruffleHog. Contact us to get started on a free 7-day trial.