Truffle Security, the company behind TruffleHog™, a leading open-source security project that makes it easier to identify and fix exposed secrets before hackers exploit them, led by Dylan Ayrey and Dustin Decker, has secured a $25 million Series B funding round led by Intel Capital and a16z. The round also includes participation from Abstract, Lytical Ventures, and prominent security leaders Casey Ellis (Founder, BugCrowd), Emilio Escobar (CISO, Datadog), and Haroon Meer (Founder & CEO, Thinkst).

Martin Casado, General Partner at Andreessen Horowitz, highlighted that as AI changes software development, the security surface grows rapidly. Truffle Security addresses the urgent challenge of protecting codebases from secret exposure at scale, defining the future of software security in the AI era.

The funding will drive the growth of TruffleHog Enterprise, its enterprise-grade secrets detection, verification, and remediation platform, and accelerate innovation in secrets and NHI protection. It also supports the launch of TruffleHog GCP Analyze, providing organizations with deep visibility into leaked Google Cloud NHIs for faster risk assessment and remediation prioritization.

Nick Washburn of Intel Capital highlighted that compromised credentials drive many data breaches. TruffleHog GCP Analyze and the new funding advance Truffle Security’s mission to deliver secure, comprehensive secrets management.

Verizon’s 2025 report shows credential misuse remains a top cause of security incidents. As API keys, tokens, and service accounts multiply across clouds, Truffle Security helps organizations detect, validate, and remediate exposed credentials before they lead to breaches. Travis McPeak, Security Engineer at Anysphere (the company behind Cursor), emphasized that exposed secrets are often the easiest way for organizations to be compromised, even without sophisticated exploits.

TruffleHog Enterprise demand has surged, doubling revenue and expanding adoption across tech, retail, and financial services. Funding will boost go-to-market, product development, and NHI coverage on AWS and Azure. Open-source growth remains strong, with 23K+ GitHub stars and 250K+ daily runs.

TruffleHog GCP Analyze speeds GCP secret remediation by instantly showing access, inheritance, and blast radius, letting teams assess risk, prioritize, and respond faster. Built on TruffleHog Enterprise’s verified detection, it’s the first of several planned cloud context-aware tools.