Sources are entities that provide data to be scanned. They are configured via a local configuration file or in the web UI. Examples of sources include Slack, JIRA, GitHub, S3, etc.
Notifiers are the integrations for sending notifications for found secrets. Examples of notifiers include: Email, Slack message, JIRA ticket, or a webhook.
Workflows are integrations for driving remediation directly with developers.
Scanners (Agents) #
Scanners are the components that scan for secrets and verify them. Metadata about each secret is sent to the configured notifiers and to your hosted web UI.
By default, scanners are part of the Hosted scanner group. The Hosted scanner group is run for you in Truffle Security infrastructure, in your own isolated environment.
Additionally, scanners can be set up to run on your own hardware. These scanners are placed in an individually created scanner group.
Scanner Group (Agent Group) #
Scanner groups are used to manage multiple scanners. You configure scanner groups in the web UI.
Secrets, or more generally credentials, are the data that is scanned for. Examples of secrets include: Access Keys/Tokens, API keys, passwords, etc.
Secret States #
- Live: The secret is verified and is active.
- Rotated: The secret is verified and was live at one point in time, but is no longer live.
- Verified: The secret was validated to be active at some point in time. Note: A Verified secret is not necessarily live.
- Unverified: The secret was identified, but could not be verified.
- Remediated: The secret has been addressed in one of a few ways: it was rotated, marked as resolved, or marked as will not fix.
- Invalid: The secret is marked invalid by the user. This could be for any reason; for example, the secret is wrong.
- Resolved: The secret was marked as resolved by the user.
- Will Not Fix: The secret is verified and live, but no action is taken to remediate it. This is usually because the secret is not sensitive.
- All: Any secret that was found.
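To make the overlap between these states concrete, here is an added example (not the product's own code or data model; the record fields, state-derivation rules as read from the definitions above, and sample findings are all constructed) that classifies a finding into every state it matches and derives a triage queue of live secrets nobody has dispositioned:

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

# Constructed record shape for illustration; not TruffleHog Enterprise's own data model.
@dataclass
class Finding:
    detector: str                      # e.g. "AWS", "Slack" (constructed labels)
    verified_at: Optional[datetime]    # when the credential was last confirmed active; None if never
    live: bool                         # outcome of the most recent verification attempt
    disposition: Optional[str] = None  # user marking: "resolved", "will_not_fix", "invalid", or None

def states(f: Finding) -> set[str]:
    """Every glossary state this finding matches. States overlap on purpose:
    a Verified secret is not necessarily Live, and Remediated is the union of
    Rotated, Resolved and Will Not Fix."""
    s = {"All"}
    if f.verified_at is None:
        s.add("Unverified")
    else:
        s.add("Verified")
        s.add("Live" if f.live else "Rotated")  # verified once but no longer live = Rotated
    if f.disposition == "resolved":
        s.add("Resolved")
    elif f.disposition == "will_not_fix":
        s.add("Will Not Fix")
    elif f.disposition == "invalid":
        s.add("Invalid")
    if s & {"Rotated", "Resolved", "Will Not Fix"}:
        s.add("Remediated")
    return s

def needs_action(f: Finding) -> bool:
    """Live secrets with no disposition: the ones a responder should rotate first."""
    st = states(f)
    return "Live" in st and "Remediated" not in st and "Invalid" not in st

# Constructed sample findings.
NOW = datetime(2024, 1, 15, tzinfo=timezone.utc)
SAMPLE = [
    Finding("AWS", NOW, live=True),
    Finding("Slack", NOW, live=False),                 # once live, now rotated
    Finding("GitHub", None, live=False),               # never verified
    Finding("Stripe", NOW, live=True, disposition="will_not_fix"),
    Finding("JIRA", None, live=False, disposition="invalid"),
]

def triage_queue(findings=SAMPLE) -> list[str]:
    return [f.detector for f in findings if needs_action(f)]

if __name__ == "__main__":
    for f in SAMPLE:
        print(f.detector, sorted(states(f)))
    print("act on:", triage_queue())
```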