User Enablement Guide
Documentation

All enterprise documentation is available here: https://docs.trufflesecurity.com/

The full list of detectors is available here: https://github.com/trufflesecurity/trufflehog/tree/main/pkg/detectors

To access the TruffleHog API documentation, do the following:
1. Log into your TruffleHog instance.
2. In the left navigation bar, click on "Documentation".
3. Click on "API Docs".

If you have questions about the terminology used throughout this document, please reference this page: https://docs.trufflesecurity.com/terminology

You can export your secret findings as a CSV file; this guide explains each column name: https://docs.trufflesecurity.com/exported-secrets-column-definitions

Adding Users

To add a user, within TruffleHog click on "Settings", then click on "Users". Enter the user's email address, select their role, and then click "Add User".

Deleting Users

To delete a user, within TruffleHog click on "Settings", then click on "Users". Find the user's email address and click "Remove" on the right side of the user record.

User Roles Explained

Admin: Admins have full Editor permissions as well as the ability to manage users and authentication.

Editor: People with Editor access have read and write access to TruffleHog. They can set up integrations, adjust secret triage states, and make most other changes. Editors cannot manage users or authentication.

Viewer: People with Viewer access have read-only access to TruffleHog. They can see metrics, explore discovered secrets, and view any other data available. Viewers cannot make changes.

Share Viewer: People with Share Viewer access have read-only access to the TruffleHog secrets you share with them directly.

For more information about setting up dynamic role-based access, please follow this document: https://docs.trufflesecurity.com/dynamic-role-based-access-control-rbac

Setting Up Single Sign-On (SSO)

To set up SSO, please follow the guide available here: https://docs.trufflesecurity.com/authentication

TruffleHog API

Accessing Documentation

To access the TruffleHog API documentation, do the following:
1. Log into your TruffleHog instance.
2. In the left navigation bar, click on "Documentation".
3. Click on "API Docs".

Creating an API Key

To create a TruffleHog API key, do the following:
1. Log into your TruffleHog instance.
2. In the left navigation bar, click on "Settings".
3. Click on "API Keys".
4. Click on "Generate API Key".
5. Name your key, select an expiration date (Never, 1 day, 7 days, 3 months, 1 year), and click "Add API Key".
6. Copy the "API Key ID" and "API Key Secret" and store them in a secure place ("Download as JSON" or copy via the clipboard icon).
7. Click "Done".

Dashboard Insights

Live Secrets

This graph shows a current total and a view over the last 6 months of all live secrets. "Live" means that we found the secret in one of your environments and were able to successfully make a safe, read-only API call to the service provider to test whether the credential is valid, without modifying any resources. (Optional) More information about how TruffleHog verifies secrets is available here: https://trufflesecurity.com/blog/how-trufflehog-verifies-secrets

Clicking on "Take Me There" will take you to the "Secrets" page pre-filtered to show only live secrets.

Secrets Discovered

This graph shows a total count of all live secret locations discovered across your sources. Users can click on any bar in the graph and it will take them to the "Secrets" page pre-filtered to show only live secrets for that secret type. Example: clicking on AWS will take you to a view of all live AWS secrets. Clicking on "View All Secret Types" will take you to the "Secrets" page pre-filtered to show only live secrets.

Days on Average to Rotate

This graph shows the days on average that it takes your team to rotate the secrets that TruffleHog finds. The graph shows the last 6 months, with each dot representing a bi-weekly data point.

Save as PDF

Users can also save a PDF version of this page by clicking "Save as PDF" in the top right corner.

Active Scans

The "Active Scans" view shows any scans that are currently running.

Secrets Page

Clicking "Secrets" in the left navigation panel will take you to the Secrets page, where you can initially filter secrets based on the following:
- Secret State
- Triage State

Definitions of the Secret State and Triage State options are available here: https://docs.trufflesecurity.com/terminology

Clicking "Filters" in the top right corner displays even more options that you can filter on. You can save your filters. Additional filters include:

Secret Type: the kind of secret that was found (e.g. AWS access key, MongoDB credential, Hugging Face API key, GitHub PAT).

Source Type: where / which system the secret was found in (e.g. GitHub repository, Slack channel, Confluence page).

Source Name: the name / identifier of the source / integration you created. This is done on the "Integrations" page, and more information can be found later in this document. Examples of different source names can be found below; notice that the tool / system is provided in parentheses for each item.

Scanner Name: the "Scanner Name" filter lets you filter based on your hosted scanners (i.e. managed scanners hosted by Truffle Security Co.) and your self-hosted scanners. You can view the full list of these scanners by clicking "Settings" then "Scanners" in the left side navigation menu.

Location Type: the "Location Type" filter lets you filter based on where a secret was found.

Connection Issues: the "Connection Issue" filter lets you filter based on the type of connection issue we encountered when we tried to verify the found secret(s).

TruffleHog Analyze: the "TruffleHog Analyze" filter lets you filter by the type of analyzer (e.g. Square, OpenAI, Mailchimp) and the permissions (e.g. "read", "write", etc.) associated with that analyzer. More information about Analyze is available here: https://docs.trufflesecurity.com/analyzers

Discovered Secrets

The "Discovered Secrets" tab shows a list / table of all secrets that match the current filter set. The "Secret Locator" and "Location" table headers can be clicked to sort the table in alphabetical order. The "Found On" and "Last Seen" table headers can be clicked to sort the table by timestamp. Additional actions can be found for each item in the "Actions" column. Each individual secret can be clicked on to navigate to the "Secret Details" view.

Analyze: How to Filter All Live Secrets

When you open Secrets on the left, you will not see the TruffleHog Analyze search box to the right of Triage State. To get the Analyze search box:
1. Go to one of your secrets that has been identified by Analyze, such as a Slack token.
2. Left-click any permission and click "Add to Filter".
3. The bottom notification displays; click "Filter by 1 permission".
4. The dashboard redirects you back to Secrets and surfaces the TruffleHog Analyze (beta) search box.
5. To filter, filter by "All" to see all exposed live secrets. These are all of the surfaced live secrets under Discovered Secrets.
6. Click into any of these under "Secret Locator" to see their access permissions. Click an OpenAI secret to see its permissions, as an example.

Forager

Forager diligently monitors public commits on GitHub and package releases on npm, looking for leaked secrets. The "Forager" tab shows the total verified keys, key types and user-leaked credentials found across those platforms for a given email domain (e.g. trufflesec.com). More information about Forager is available at the links below:
https://forager.trufflesecurity.com/
https://trufflesecurity.com/blog/introducing-forager
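The "Live Secrets" definition above (a secret is live when a safe, read-only call to the provider accepts it) and the "Connection Issue" filter describe three outcomes of one verification attempt. The following is an added example, not TruffleHog's own code, that models that flow for a single detector so the dashboard states are concrete: a regex detection step for AWS access key IDs, followed by a verifier that is injected as a function. The key values, the file location and the verifier's behaviour are all constructed for this example; a real verifier would make a read-only provider call (for AWS, something like STS GetCallerIdentity) instead of the stand-in used here.

```python
"""Added example (not TruffleHog's code): detect, verify read-only, classify.

Models how one verification attempt maps onto the secret states a dashboard
filters on: live (verified), rejected (unverified), or connection issue.
Everything below runs offline; the verifier is a hypothetical stand-in.
"""
import re
from dataclasses import dataclass
from enum import Enum
from typing import Callable, List


class SecretState(str, Enum):
    VERIFIED = "verified"                  # provider accepted it -> live
    UNVERIFIED = "unverified"              # provider rejected it (revoked/invalid)
    CONNECTION_ISSUE = "connection_issue"  # provider could not be reached


@dataclass
class Finding:
    detector: str
    secret: str
    location: str
    state: SecretState


# Detection step only: the well-known shape of an AWS access key ID.
AWS_KEY_ID = re.compile(r"\b(AKIA[0-9A-Z]{16})\b")

# A verifier returns True (accepted) or False (rejected), or raises when the
# provider cannot be reached. It must be a read-only call that changes nothing.
Verifier = Callable[[str], bool]


def classify(candidate: str, verify: Verifier) -> SecretState:
    """Map one read-only verification attempt onto a dashboard secret state."""
    try:
        return SecretState.VERIFIED if verify(candidate) else SecretState.UNVERIFIED
    except (ConnectionError, TimeoutError):
        return SecretState.CONNECTION_ISSUE


def scan(text: str, location: str, verify: Verifier) -> List[Finding]:
    """Run the detector over one chunk of text and verify every hit."""
    return [
        Finding("AWS", m.group(1), location, classify(m.group(1), verify))
        for m in AWS_KEY_ID.finditer(text)
    ]


def live_only(findings: List[Finding]) -> List[Finding]:
    """The 'Take Me There' pre-filter: only live (verified) secrets."""
    return [f for f in findings if f.state is SecretState.VERIFIED]


# Constructed sample input: three candidate key IDs in one config file.
SAMPLE = """
aws_access_key_id = AKIAEXAMPLE000000001
# old key, rotated last quarter
aws_access_key_id = AKIAEXAMPLE000000002
aws_access_key_id = AKIAEXAMPLE000000003
"""


def fake_verifier(key_id: str) -> bool:
    """Hypothetical provider behaviour standing in for a real read-only call."""
    if key_id.endswith("1"):
        return True                                    # still accepted -> live
    if key_id.endswith("2"):
        return False                                   # rejected -> unverified
    raise ConnectionError("provider unreachable")      # -> connection issue


def demo() -> dict:
    """Secret -> state for the constructed sample, using the fake verifier."""
    return {f.secret: f.state.value for f in scan(SAMPLE, "repo/config.ini", fake_verifier)}


if __name__ == "__main__":
    for f in scan(SAMPLE, "repo/config.ini", fake_verifier):
        print(f.state.value, f.secret, f.location)
```

The point of separating `classify` from the verifier is that a transport failure is kept distinct from a rejection: a secret that could not be checked is neither live nor safe to dismiss, which is exactly why the Secrets page exposes connection issues as their own filter.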
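The "Days on Average to Rotate" graph is described as a six-month view with one bi-weekly data point per dot. As an added example (not TruffleHog's own code, and not necessarily how the product computes the metric), the following shows one way to derive that series from exported findings: bucket secrets by the date they were found into 14-day windows and average the time to rotation per window, leaving secrets that have not yet been rotated out of the average. The record layout (locator, found_on, rotated_on) and the sample rows are constructed for this example; the real CSV columns are documented at https://docs.trufflesecurity.com/exported-secrets-column-definitions.

```python
"""Added example (not TruffleHog's code): bi-weekly "days to rotate" series.

Field names and sample rows are constructed for illustration.
"""
from datetime import date, timedelta
from typing import Dict, List, Optional, Tuple

# (secret_locator, found_on, rotated_on) - rotated_on is None while still live
Finding = Tuple[str, date, Optional[date]]

BUCKET = timedelta(days=14)  # one dot on the graph


def days_to_rotate(f: Finding) -> Optional[int]:
    """Rotation time in days, or None while the secret is still unrotated."""
    _, found_on, rotated_on = f
    return None if rotated_on is None else (rotated_on - found_on).days


def average_days(findings: List[Finding]) -> Optional[float]:
    """Average rotation time over rotated secrets only; None if none rotated."""
    durations = [d for d in map(days_to_rotate, findings) if d is not None]
    return round(sum(durations) / len(durations), 1) if durations else None


def biweekly_series(findings: List[Finding], end: date,
                    periods: int = 13) -> Dict[date, Optional[float]]:
    """One data point per 14-day window ending at `end`, oldest first.

    Secrets are bucketed by found_on; 13 windows cover roughly six months.
    A window with no rotated secrets yields None rather than 0 so that
    "nothing rotated yet" is not mistaken for "rotated instantly".
    """
    series: Dict[date, Optional[float]] = {}
    for i in reversed(range(periods)):
        window_end = end - i * BUCKET
        window_start = window_end - BUCKET
        in_window = [f for f in findings if window_start < f[1] <= window_end]
        series[window_end] = average_days(in_window)
    return series


# Constructed sample rows, not real findings.
SAMPLE: List[Finding] = [
    ("github/acme-app: AWS", date(2024, 1, 10), date(2024, 1, 17)),          # 7 days
    ("slack/#ops: Slack token", date(2024, 1, 12), date(2024, 1, 15)),       # 3 days
    ("confluence/runbook: MongoDB", date(2024, 2, 5), date(2024, 2, 25)),    # 20 days
    ("github/acme-infra: GitHub PAT", date(2024, 3, 1), None),               # not rotated yet
]


if __name__ == "__main__":
    print("overall average:", average_days(SAMPLE))
    for window_end, avg in biweekly_series(SAMPLE, date(2024, 3, 31)).items():
        print(window_end, avg)
```

Unrotated secrets are deliberately excluded rather than counted as zero or as "days so far", so the average reflects completed rotations; the still-live ones belong on the "Live Secrets" graph instead.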