TruffleHog

TruffleHog runs behind the scenes to scan the environment for secrets like private keys and credentials, so data can be protected before a breach appears. Secrets can be found anywhere, so TruffleHog scans more than just code repositories, including SaaS and internally hosted software. With support for custom integrations and new integrations added all the time, TruffleHog is designed to secure secrets across the entire environment.

• TruffleHog enables the user to track and manage secrets within its management interface, including links to exactly where secrets have been found.
• Authenticate with secure OAuth workflows for users and never worry about username and password breaches.
• TruffleHog runs quietly in the background, continuously scanning the environment for secrets that, if leaked, could pose a risk to the company.
• TruffleHog automatically scans for secrets every time changes are made. It provides alerts whenever new secrets or keys are put in any of the projects.
• Open source secret scanning software suffers from high false positives, requiring investigation and triage. TruffleHog’s Secret Verification Technology checks the credentials against their APIs or databases to ensure the findings are actionable with live credentials.
• TruffleHog runs on on nearly any operating system and architecture, so it can be run from Truffle Security's secure and isolated hosts, or from the user's own.
• No matter where it is run, TruffleHog offers hands-off management with automatic updates.