Secrets, Everywhere: Why We Co-Led Truffle Security’s Series B
Today, we are thrilled to announce that Intel Capital co-led Truffle Security’s $25 million Series B financing alongside Andreessen Horowitz.
In modern software development, secrets are everywhere. They’re the very bedrock that one machine or service uses to authenticate itself to another machine or service. These secrets - API keys, database passwords, private access tokens - power the interactions between thousands of services, libraries, and frameworks. The shift to microservices architectures, the decoupling of frontend and backends, and the explosion of third-party APIs have only accelerated this secrets proliferation—and it’s not slowing down. They’re hard to manage, hard to use, hard to understand: secrets are hard and they shouldn’t be.
Developers are increasingly relying on coding co-pilots and LLM-driven coding agents. While these tools promise productivity gains, they’re amplifying the secrets proliferation problem. First, these tools are rapidly accelerating the aggregate lines of code under management, which creates a much larger surface area to introduce code-specific vulnerabilities. Additionally, these tools are naturally non-deterministic and often make recommendations that don’t follow best practices for application security. A perfect example is hard coding secrets directly into the code base itself. Last year, the Truffle Security team tested ten popular LLMs and found that most recommended hardcoding API keys and passwords directly in source code—a ticking time bomb for application security teams. And in the rapid adoption cycle of AI, many developers are just accepting these recommendations at face value in the interest of speed and vibe development.
Secrets management platforms and storage systems have been around for nearly a decade, yet secrets continue to leak across Git repositories, messaging platforms like Slack and Teams, IT Service Management (ITSM) systems like Jira and Confluence, logs, API testing tools like Postman, and more. The result? Credential compromise remains the leading cause of data breaches, as highlighted in the Verizon 2024 Data Breach Investigations Report, often serving as the initial wedge for ransomware or extortion. While individual phishing exercises continue to be on the rise, many incidents are caused by inadvertent secrets leaks.
From Open Source to Enterprise Leadership
Truffle Security’s journey began with open-source projects that are now industry-wide standards leveraged across secrets detection. Dylan Ayrey, Co-Founder & CEO, first created the open-source project TruffleHog in 2016. Dustin Decker, Co-Founder & CTO, and Dylan were classmates at Rochester Institute of Technology and have been core maintainers of the TruffleHog project for years. Additionally, the Truffle Security team includes Zach Rice, who first created the Gitleaks open-source project in 2018 and joined Truffle Security in 2023, and Brad Larson, who first created the Nosey Parker open-source project in 2022 and joined Truffle Security in 2025, extending Truffle Security’s open source advancement in the field by uniting core stewardship of all three projects under one roof. All three projects are extremely popular amongst practitioners, collectively with over 48K+ GitHub stars, 400+ contributors, and 15M+ DockerHub pulls.
Building on this foundation, Truffle Security is introducing TruffleHog Analyze, which assesses cloud credential risk by clearly enumerating cloud resource access and permissions. This provides actionable insights to cloud security teams without exposing sensitive data. It is an extension of Truffle Security’s core product TruffleHog Enterprise, which provides secrets detection well beyond source code management tools to Slack, Jira, Confluence, Google Drive, and more, offering continuous monitoring, advanced permission analysis, key validations, and ticketing integration.
The team has designed the platform for enterprise readiness: SSO, encrypted data at rest, isolated environments, secure authentication, in-memory scanning, automatic updates, and third-party SOC 2 Type II audits ensure organizations can confidently deploy at scale.
Why We Co-Led the Series B
We were introduced to Dylan and Dustin in late 2021 and have since been following along on their journey as they expand from open-source secrets identification engines to broader identity and access management (IAM) workflows.
Secrets management is fundamentally a workflow problem for developers, not just a problem that can be solved by vaulting. Existing tools solve pieces of the puzzle, but breaches continue. Truffle Security’s approach uniquely positions them to tackle not just secrets identification but the broader IAM and non-human identity (NHI) and secrets lifecycle problem.
The growth of Truffle Security is a demonstration of the team’s technical excellence and relentless product mindset. They are very committed to supporting their large enterprise customers, constantly at the ready to rapidly implement new feature requests and build for security teams of the future. As a result, Truffle Security has seen strong commercial traction with large enterprises at very low burn ratios – a testament to the depth of their product and the ROI recognized by application security leaders.
Our investment accelerates Truffle Security’s mission to make secrets management frictionless, secure, and comprehensive for modern enterprises, and it positions them to tackle the broader IAM and NHI market opportunity with confidence.
