Get started
WireGuard is a registered trademark of Jason A. Donenfeld.
© 2024 Tailscale Inc. All rights reserved. Tailscale is a registered trademark of Tailscale Inc.
Go back

Maintain security for your Tailscale secrets automatically with TruffleHog

November 15 2023
Sam Linville
Sam Linville

At Tailscale, we aim to provide users with a programmable network that is both secure enough to earn their trust and flexible enough to meet their networking needs across a wide range of infrastructure set-ups.  We focus on making the locks trustworthy so our customers can focus on keeping track of their keys.

Today we’re announcing an integration between Tailscale and Truffle Security, the team behind the popular open-source secret scanning tool TruffleHog. TruffleHog scans data sources for any Tailscale secrets, verifies if the secret is still active, and then notifies you so you can revoke the secret.

TruffleHog can now monitor for any of five Tailscale secrets: API keys, Pre-authentication keys, OAuth client secrets, SCIM keys, and webhook keys. Keeping these keys safe is part and parcel to our shared security model.

Tailscale automatic secret scanning is available for both open source and Enterprise versions of TruffleHog. To use it, install and run TruffleHog following the documentation in Truffle’s GitHub repo. And if you’d like to read more about how Truffle and Tailscale worked together on this integration, they’ve done a great job of outlining it in their blog post.

Subscribe to Tailscale’s blog

We have a deep commitment to keeping your data safe.

Too much email?RSSX

Try Tailscale for free

Schedule a demo
Contact sales
cta phone
Hugging Face