Truffle Security is raising funds to develop TruffleHog Enterprise for enterprise-grade secrets detection, verification, and remediation, and to launch TruffleHog GCP Analyze for visibility into leaked Google Cloud service accounts.

The GCP Add-on will help security teams assess impact, prioritize risks, and accelerate response, thereby reducing remediation time.

Industry observer notes that expanding AI in software expands the security surface, and Truffle Security is addressing secret exposure at scale.

The funding round was led by Intel Capital and Andreessen Horowitz (a16z), with participation from Abstract Ventures, Lytical Ventures, and several angels.

Investors also include Abstract Ventures, Lytical Ventures, and individual backers such as Casey Ellis, Emilio Escobar, and Haroon Meer.

The round was led by Intel Capital and a16z to support growth of TruffleHog Enterprise and related offerings.

Truffle Security provides verification and remediation to determine if discovered secrets are active, their access scope, and blast radius to prioritize response.

The funding underlines strong interest in cybersecurity startups focused on secret management and remediation.

Truffle Security announced a $25 million Series A round, expanding total funding and backing go-to-market and product development.

In addition, the company has disclosed a Series B of $25 million, raising total funding to over $40 million.

The Series A, led by Intel Capital and a16z, aims to grow TruffleHog Enterprise and extend nonhuman identity protection across codebases and cloud environments.

The fundraising signals investor confidence in solutions addressing secret leakage and credentials security for developers and organizations.

Truffle Security is known for TruffleHog, an open-source secret scanning tool that detects leaked secrets across environments, including API keys, passwords, tokens, and NHIs in chat systems, support tickets, and code repositories.

TruffleHog Enterprise is an enterprise-grade tool for detecting and remediating leaked secrets within code repositories and across development lifecycles.

The company offers an open-source tool that detects, verifies, and remediates leaked secrets such as API keys.

Funding will support scaling go-to-market and customer success, accelerate innovation, and expand secret scanning capabilities.

The new GCP Analyze add-on provides immediate context on Google Cloud Platform secrets, including resource access, inheritance, and permissions blast radius to speed remediation.

GCP Analyze aims to reduce remediation time by clarifying IAM implications and eliminating false positives for secrets leaks.

TruffleHog searches for secrets in hidden content, deleted code, and version history across Google Cloud, GitHub, and other platforms.

Before this round, Truffle Security had raised a $14 million Series A in December 2021.