Sold by: Truffle Security Co.
TruffleHog Analyze adds context to verified secrets by answering 'what can this credential do?' - including ownership clues accessible resources permissions and blast radius. It only runs on verified (live) secrets so analysis stays focused on real risk. In Enterprise Analyze can run automatically the moment a secret is verified and surface results in the UI and downstream workflows.
Overview
TruffleHog Analyze enriches findings with permission analysis so teams can prioritize remediation based on impact not just presence. It complements detection and verification by determining what a credential can access which resources are exposed and (where possible) who or what the credential belongs to. Turning - a live key exists - into actionable risk context.
Analyze includes two analyzer families: self-discovery analyzers (stateless non-state-changing API calls that infer metadata/permissions) and cloud IAM analyzers (deeper identity/permissions/resource mapping via cloud IAM integrations). In Enterprise analysis can trigger automatically on verification and feed into centralized UI + routing (Slack, Jira, SIEM, webhooks).
Highlights
- Blast radius & permissions context for verified secrets to support smarter prioritization.
- Self-discovery analyzers (stateless API probing) that reduce manual investigation by auto-enumerating metadata/resources/permissions where supported.
- Enterprise automation: analysis can run automatically on verification and flow into the same operational UI + integrations.
Details
Sold by
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
TruffleHog Analyze | Please reach out to partnerships@trufflesec.com for custom pricing. | $100,000.00 |
Vendor refund policy
Please contact sales@trufflesec.com to learn more about Truffle Security's refund policy.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Please refer to https://docs.trufflesecurity.com/ or submit a ticket within the TruffleHog platform.
Contact sales@trufflesec.com with any questions.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
TruffleHog Enterprise is the continuous secrets scanning and governance platform built on the same verification-first detection engine as TruffleHog OSS. It scans across your SDLC (beyond code) and verifies findings to prioritize live risk and dramatically reduce false positives. Enterprise adds centralized visibility, collaboration, and workflow integrations so teams can operate secrets remediation at scale.
TruffleHog Forager monitors public ecosystems (like GitHub and npm) for exposed secrets tied to your organization - catching leaks that happen outside your internal repos and infrastructure. It uses the same detection and verification engine as TruffleHog Enterprise but pointed outward at public exposure. Verified findings can appear alongside internal scan results and route into existing response workflows.
Enterprise source control strategy and implementation services for AWS-centric development environments. QBurst designs and implements scalable version control systems using AWS CodeCommit, GitHub Enterprise, GitLab, and Bitbucket with branching strategies, access controls, and CI/CD integration.
Customer reviews
No customer reviews yet
Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.