??You can now add TruffleHog to Burp Suite! ?? Install TruffleHog directly from the BApp Store ??Scan web traffic data for live, verified credentials? - active and exploitable - right inside Burp Suite Because secrets don’t just leak in code… ?? ??Learn more: https://lnkd.in/gPH7j8Wm Thanks to PortSwigger for their partnership! #TruffleHog #BurpSuite #Secrets #DataSecurity #Appsec #OpenSourceSecurity #cybersecurity #secretsmanagement #securityawareness #datasecurity #infosec #TruffleSecurity
关于我们
Our team of career security experts are dedicated to building robust and intelligent software that helps you protect your information. Security is our passion and our primary concern, and all features are developed with best practices in mind. Our flagship product, TruffleHog, runs behind the scenes to scan your environment for secrets like private keys and credentials, so you can protect your data before a breach occurs. We're on a mission to secure sensitive data. https://www.youtube.com/c/TruffleSecurity
- 网站
-
https://www.trufflesecurity.com
Truffle Security Co.的外部链接
- 所属行业
- 计算机和网络安全
- 规模
- 11-50 人
- 总部
- San Francisco Bay Area
- 类型
- 合营企业
- 创立
- 2019
地点
-
主要
获取路线
US,San Francisco Bay Area
Truffle Security Co.员工
动态
-
Thanks for having me on Joel D.!
This video explores the growing security concerns around AI-generated code, many of which stem from how these models were trained and aligned. My conversation with?Dylan Ayrey?of?Truffle Security Co.?Security is below
-
?? We scanned 400TB of web data used to train DeepSeek & found: ??~12K API keys & passwords in LLM training data—still live ?? 2.76M affected web pages ?? One API key appeared 57,029 times ?? 219 different secret types, including AWS root keys, Slack webhooks & Mailchimp API keys ?? Full research: https://lnkd.in/d82a2s7W #TruffleHog #LLM #DeepSeek #DataSecurity #Appsec #OpenSourceSecurity #cybersecurity #secretsmanagement #securityawareness #datasecurity #infosec #TruffleSecurity
-
?? We found a live AWS key in our?bed!???? ??… and a backdoor that lets Eight Sleep’s engineers SSH into every customer’s bed. ?? Read the post to learn more: https://lnkd.in/gKqvys7G #TruffleHog #IOT #DataSecurity #AWS #OpenSourceSecurity #cybersecurity #secretsmanagement #securityawareness #datasecurity #infosec #TruffleSecurity
-
?? We're hiring at Truffle Security! Spotlighting our newest role up: Senior Security Researcher. This is a highly visible, community-focused role spearheading #opensource security research projects. Working closely with Joseph Leon, you'll have the autonomy to choose projects that amplify Truffle's brand, and inspire organizations to better secure themselves.? We're looking for someone who has a proven background in security research and building communities of trust. ?? Examples of our research style can be found on our blog: https://lnkd.in/gTuBauGT ?? Ready to apply, or know someone who'd be a great fit? The link is in the comments below— tag them and share! #hiring #securityresearch #securityjobs
-
?? Under the Hood of TruffleHog - Discover how TruffleHog’s secret scanning gets its speed! ? Part 1 of our series by Ahrav Dutta dives into CPU optimizations powered by the Aho-Corasick algorithm, highlighting: ?? Faster keyword matching with precomputed failure transitions ?? 11-17% performance boost for large-scale scanning ?? https://lnkd.in/gvuAP8Jc ?? Stay tuned for Part 2 on memory optimizations! #TruffleHog #AhoCorasick? #DataSecurity #Appsec #OpenSourceSecurity #cybersecurity #secretsmanagement #securityawareness #datasecurity #infosec #TruffleSecurity
-
??Today we are announcing a new OAuth bug that affects millions of accounts ?? TLDR: Google’s OAuth login doesn’t protect against someone purchasing a failed startup’s domain and using it to re-create email accounts for former employees ?? full blog: https://lnkd.in/g2e24GSs #OAuth #Google #DataSecurity #cybersecurity #secretsmanagement #securityawareness #datasecurity #infosec #TruffleSecurity #TruffleHog
-
??? Entering the year being recognized as one of Built In's 2025 Best Places to Work! ?? ?? This recognition is a testament to the incredible culture we're building together — one that values transparency, collaboration, and continuous learning. Grateful for our Trufflers, who shape our culture each day. ?? If you're looking for a new opportunity in the new year, we're hiring! Check out open roles here: https://lnkd.in/gpVCEPBG #BPTW2025 #2025BuiltInBest #BestPlacesToWork #Hiring #BestRemoteStartups #BestWorkplaces #Cybersecurity
-
-
GitHub's activity graph doesn't have abuse controls. This allows you to spray paint over other GitHub user's profiles, so we asked the question: Can you use this power for good? Yes. Yes you can. ?? ?? ?? Read the full story here: ?? https://lnkd.in/gYkZQjFP
-
?? 10% of SaaS platforms mishandle GitHub OAuth tokens, creating potential backdoors into corporate accounts. ?? ??This vulnerability extends beyond GitHub to services like Azure, Slack, and more, enabling attackers to compromise accounts, exfiltrate tokens, and trigger large-scale breaches. ?? The issue isn’t OAuth itself—it’s how platforms secure your tokens. ?? Dive into our latest research to learn more: https://lnkd.in/grf5VRpx #TruffleHog #OAuth #GitHub #Azure #Slack #DataSecurity #Appsec #OpenSourceSecurity #cybersecurity #secretsmanagement #securityawareness #datasecurity #infosec #TruffleSecurity