Getting started

Terminology

2min

Secrets

Secrets, or more generally credentials, are the data that is scanned for. Examples of secrets include: access keys/tokens, API keys, passwords, etc.

Secret states

Live: The secret is verified and is active.

Never Live: The secret was never verified as active.

Rotated/Deactivated: The secret was verified as live at one point, and has since been verified as not live.

All: Any secret that was found.

Triage states

Not Triaged: The secret has not been triaged.

Invalid: The secret is marked invalid by the user. This could be for any reason. For example, the secret is wrong.

Resolved: The secret was marked as resolved by the user. Useful for when the secret was removed before TruffleHog could verify that it is no longer active.

Will Not Fix: The secret was marked as will not fix by the user. Common reasons are risk acceptance and canary tokens.

Configuration

Sources: integrations that provide data to be scanned. They are configured via a local configuration file, or in the web UI. Examples of sources include: Slack, JIRA, Github, S3, etc. See the Scan data for secrets part of the documentation for more information.

Notifiers: integrations for sending notifications for found secrets. Examples of notifiers include: Email, Slack message, JIRA ticket, or a webhook. See the Notify results part of the documentation for more information.

Scanners (agents): the component that scan for secrets and verify them. Metadata of the secret is sent to the configured notifiers and to your hosted web UI. See the rest of the Getting started documentation for creating and configuring a scanner.

By default, scanners are part of the Hosted scanner group. The Hosted scanner group is run for you in Truffle Security infrastructure in your own isolated environment. Additionally, scanners can be setup to run on your own hardware. These scanners will be placed in an individually created scanner group.

Scanner Group (agent group): used to manage multiple scanners. You configure scanner groups in the web UI. A scanner group can run more than one scanner instance, and scan jobs will run across those instances.

Updated 20 Apr 2024
Doc contributor
Doc contributor
Did this page help you?
PREVIOUS
Secrets management
NEXT
Scan data for secrets
Docs powered by Archbee