Detecting sensitive data leaks in complex, distributed systems is hard. Data moves through countless layers, services, and paths that aren’t always predictable. How do you catch API keys, tokens, or credentials that shouldn’t be there — without grinding your systems to a halt?

At Figma, we built Response Sampling to solve this problem. It gives us continuous visibility into what’s leaving our systems, allowing us to detect potential data exposure early and at scale.

The key was taking a platform-security approach: treating application surfaces like infrastructure and layering continuous monitoring on top. This lets our security team stay ahead of issues while keeping engineers moving quickly.

Read the full post to learn how we implemented scalable detection and built smarter visibility across our services:

Visibility at scale: How Figma detects sensitive data exposure