TruffleHog is an open source secret scanning engine that resolves exposed secrets across your company’s entire tech stack - protecting your data before a breach occurs. TruffleHog’s open source engine actively verifies 700+ credential types against the key provider to eliminate false positives. We scan more than just your code repositories, we scan your entire SLDC! When a secret is exposed, TruffleHog allows for shift-left key rotation and putting the resolution in the hands of the developers.
Centrally manage integrations, scans, results, notifications and automatic remediation workflows
Over 700 secret detectors that support automatic API verification
Scan binaries and encoded data
Private Key verification against Certificate Transparency and GitHub SSH. Want more information, check out this article here: need URL to post about Driftwood here.
Run from your environment or ours
Automatic updates ensure optimal protection and lift operational burden
Takes only 5 minutes to setup!
Remediate findings before they become a problem
If you have any questions, please do not hesitate to reach out to Truffle Security at firstname.lastname@example.org