TruffleHog is an open source secret scanning engine that resolves exposed secrets across your company’s entire tech stack - protecting your data before a breach occurs. TruffleHog’s open source engine actively verifies 700+ credential types against the key provider to eliminate false positives. We scan more than just your code repositories, we scan your entire SLDC! When a secret is exposed, TruffleHog allows for shift-left key rotation and putting the resolution in the hands of the developers.

TruffleHog’s Features:

  1. Centrally manage integrations, scans, results, notifications and automatic remediation workflows

  2. Over 700 secret detectors that support automatic API verification

  3. Scan binaries and encoded data

  4. Private Key verification against Certificate Transparency and GitHub SSH. Want more information, check out this article here: need URL to post about Driftwood here.

  5. Run from your environment or ours

  6. Automatic updates ensure optimal protection and lift operational burden

  7. Takes only 5 minutes to setup!

  8. Remediate findings before they become a problem

If you have any questions, please do not hesitate to reach out to Truffle Security at

Did this answer your question?