Case Study: Gett achieves automated secrets detection and remediation with Truffle Security's TruffleHog

Gett rides with TruffleHog to automate secrets detection and remediation

Gett, a company behind a cloud-based ride-management platform, faced the challenge of identifying and remediating historical leaks of secrets within its codebase. With a small security team, they needed an efficient solution that could automate detection and, crucially, verify which exposed secrets were live to avoid a labor-intensive manual validation process. They turned to the vendor Truffle Security and their product TruffleHog for a solution.

TruffleHog provided automation by not only detecting secrets but also validating if they were live, which drastically reduced false positives and manual effort for Gett's developers. The solution was integrated throughout Gett’s software development lifecycle and cloud environment, leading to a dramatic reduction in potential leaks and new alerts. This built trust between security and development teams by providing actionable, verified information and helped reinforce Gett's overall security posture.

Gett

Andy Pannell

Application Security Lead