Deadshot: Keep Sensitive Data Out of Code
Blog post from Twilio
Twilio's Product Security team created Deadshot, an automated service that monitors GitHub repositories in real-time for sensitive data, such as credentials or SQL statements. The service uses regular expressions to scan pull request diffs and flags issues for a manual review. Deadshot is designed to be a deploy-and-forget solution, requiring minimal maintenance, and can be integrated with Slack channels and Jira tickets. It has proven to be effective in catching sensitive data at Twilio and is now being released as open source, allowing others to benefit from its functionality.
| Trend | Post Mentions | Total Month Mentions | Posts | Companies | MoM |
|---|---|---|---|---|---|
| Secrets Management | 2 | 449 | 53 | 30 | -56% |
| Real-time | 1 | 802 | 286 | 88 | +12% |
Use this post, company, and trend context to find content marketing opportunities, perform competitive analysis, or address product feature gaps via the Plushcap MCP server or the Plushcap API.