Truffle Security is the company behind TruffleHog, one of the most widely used open-source tools for discovering leaked secrets in code repositories, cloud environments, and developer infrastructure. The company focuses on securing the modern software supply chain by detecting exposed credentials early, validating them with high accuracy, and providing actionable remediation workflows.

Their platform supports large-scale scanning across GitHub, GitLab, Bitbucket, CI/CD systems, and enterprise codebases, with specialized products for continuous monitoring and automated alerting. Truffle Security works closely with security researchers and enterprises to reduce the risk of account takeovers, data breaches, and supply chain attacks driven by credential leakage. The company also invests in security research programs that uncover real-world vulnerabilities across open-source ecosystems.