TruffleHog Analyze

TruffleHog Analyze is an extension to TruffleHog Enterprise that provides context-rich intelligence for leaked secrets and non-human identities (NHIs). The tool automatically queries provider APIs to enrich secret findings with detailed information about ownership, access scope, and permissions. The product identifies who created each secret, determines which services and resources the secret can access, and analyzes the specific permissions it holds including read, write, and admin rights. This contextual information enables security teams to assess the impact of exposed credentials and prioritize remediation efforts. TruffleHog Analyze includes built-in pattern recognition to flag high-risk configurations such as non-organization Slack tokens, secrets from unmanaged or personal accounts, and admin-level or broadly scoped credentials. The enrichment data includes creator/owner information, access levels, affected services and resources, resource scope, identity mapping, and usage timestamps where available. The tool supports over 40 key types including AWS access keys, GitHub personal access tokens, Slack tokens, database connection strings, and GCP credentials. Analysis results appear directly within the TruffleHog UI through a dedicated "Analyze" tab on secret detail pages with inline highlights showing ownership, scope, and risk. TruffleHog Analyze provides guided rotation and revocation instructions tailored to each provider, helping teams quickly and confidently replace compromised credentials.