Doppler Logo
Security
2 min read

Truffle Security Recommends Doppler For Remediating Leaked Secrets

Keeping your secrets secure is not just about secrets management, but detecting accidental leaks when they occur and fixing them fast.

Aug 07, 2021
Ryan Blunden Avatar
Ryan Blunden
Senior Developer Advocate
Truffle Security Recommends Doppler For Remediating Leaked Secrets
Back to the blog
Truffle Security Recommends Doppler For Remediating Leaked Secrets
Share
Security

If an engineering leader asked you "How we are protecting ourselves against the accidental leakage of secrets?", what would you say?

It's not an easy question to answer, especially for those more on the Developer side of DevOps who often don't have a background or focus on security.

The answer we see emerging is a two-pronged offensive strategy:

  • Secure Secrets Management: Sensitive data such as API keys and database credentials must be stored in an encrypted, audited, and accessed controlled secrets manager.
  • Secrets Leakage Detection: Continuous scanning of environments for leakage of credentials in places such as Slack channels, Git repositories, and other internal systems (e.g. task trackers and Wiki's)

While Doppler addresses secrets management, Truffle Security, the company behind the popular free and open source secrets scanner TruffleHog, is on a mission to detect and prevent the accidental leakage of secrets and credentials.

Dylan Ayrey, Co-Founder of Truffle Security recently published a blog post explaining why Doppler is their recommended for solution for enterprise companies looking for an instant remediation strategy once secret leaks are detected and no secrets manager is present:

There’s a lot of different secrets management solutions out there, but many of them aren’t very user friendly, and can be difficult to set up. One we’ve had our eye on recently is Doppler.

It's not just about mitigating the risks of secrets being leaked, as that will inadvertently happen, but what is critical, is how fast you can respond, revoke, and roll any leaked credentials. Again, from Dylan:

The more approachable and usable your secrets management solution is, the quicker leaked keys can be rotated out, and the less exposure time they have to bad actors.

Truffle Security and Doppler are a formidable team in keeping your secrets secure, giving attackers the least possible chance of getting their hands on valid credentials before their leakage has been detected and credentials revoked.

Stay up to date with new platform releases and get to know the team of experts behind them.

Related Content

Explore More
Doppler earns 22 new G2 badges
Company
Doppler earns 22 new G2 badgesTake a closer look at the awards and the feedback that made us the top choice for DevOps teams.
Read More
Improving Code Reviews with Storytelling
Engineering
Improving Code Reviews with StorytellingAs we've woven commit narratives into the fabric of our code review process, we've seen firsthand how powerful it can be.
Read More
Third-Party Cookies: Adapting in a New Marketing Era
Company
Third-Party Cookies: Adapting in a New Marketing EraLearn about the end of third-party tracking and the implications for digital marketing.
Read More

Enter the new era of secrets management

Trusted by the world’s best DevOps and security teams. Doppler is the secrets manager developers love.

Start For FreeGet Demo