TruffleHog Release Notes
2025 August
5 min
improve response features here help teams act faster and more effectively when secrets are found these capabilities streamline investigation, triage, and collaboration, enabling quicker remediation and reducing risk what's new secret page filter enhancements the secret type and source type filters now display only types that have been detected in your environment benefits this makes it easier to focus on relevant findings, reduces clutter in the options list, and speeds up your investigation workflow availability available in enterprise edition aws detector ignore list prevents verification of aws credentials from known βnon relevantβ accounts (e g canary accounts) β documentation here benefits avoids verification on secrets customers donβt want tested against, minimizing network chatter, and focuses on identifying leaked credentials that matter to the organization availability available in enterprise edition custom detector improvements you can now require secrets to include at least one digit, special character, uppercase letter, or lowercase letter benefits removes false positives and overall accuracy of detection availability available in enterprise edition find more secrets features here focus on growing coverage across more areas within an environment, and expanding detection coverage and secret types, ensuring no secrets slip through the cracks whatβs new detection enhancements to search for 3 new key types rootly, hashicorp vault approle auth, and photoroom benefits broader detection coverage helps identify more leaked secrets, strengthening your security posture and reducing the risk of credential exposure across your stack brings the total to 813 active detectors supporting 857 different key types availability available in enterprise edition and in open source ease administration features here are aimed at simplifying ongoing management of the truffle security platform including integration setup and user administration whatβs new trufflehog now supports bitbucket oauth for locally configured scanners when the scanner configuration is stored in aws secrets manager benefits customers can now use oauth with their locally configured bitbucket source integrations availability available in enterprise edition file system scan enhancements allows binary files to be skipped during this scan, which can consume heavy resources documentation here benefits improves performance by reducing scan times and resource usage and improves efficiencies by focusing the scanning on files most likely to contain secrets availability available in enterprise edition