Deadshot: Keep Sensitive Data Out of Code
Twilio's Product Security team created Deadshot, an automated service that monitors GitHub repositories in real time for sensitive data, such as credentials or SQL statements. The service uses regular expressions to scan pull request diffs and flags issues for manual review. Deadshot is designed to be a deploy-and-forget solution that requires minimal maintenance, and it can be integrated with Slack channels and Jira tickets. It has proven effective at catching sensitive data at Twilio and is now being released as open source, allowing others to benefit from its functionality.
Company: Twilio
Date published: May 18, 2021
Author(s): Laxman Eppalagudem
Word count: 495
Language: English
Hacker News points: 2