Security Tool

Map What Each API Key Can Access

Scan your codebase and infrastructure configs to instantly visualize the blast radius of every API key — before an attacker does.

Start Analyzing — $25/mo

No credit card required for free scan. Cancel anytime.

  • GitHub & GitLab sync
  • Terraform & K8s support
  • Visual blast radius maps
  • Slack alerts
  • SOC2 ready

$ blast-radius scan ./infra

Scanning 1,204 files...

Found 14 API keys across 6 services

⚠ STRIPE_SECRET_KEY — blast radius: 3 services, $42k MRR exposure

✖ AWS_ACCESS_KEY — blast radius: FULL ACCOUNT (S3, RDS, Lambda)

✔ SENDGRID_API_KEY — blast radius: email only (low risk)

Simple Pricing

$25/month

Everything you need to stay ahead of API key exposure.

  • Unlimited repository scans
  • Visual blast radius reports
  • Terraform, K8s, Docker support
  • GitHub & GitLab integration
  • Slack & email alerts
  • Priority support

Get Started

FAQ

How does the scanner work?

You connect your repository or upload a zip. We parse source files, IaC configs (Terraform, Helm, Docker), and CI/CD pipelines to detect API keys and trace every call site to map the services each key can reach.

Is my code stored on your servers?

No. Scans run ephemerally and code is never persisted. Only the resulting blast radius metadata is stored so you can view reports later.

What languages and platforms are supported?

JavaScript, TypeScript, Python, Go, Ruby, Java, and PHP. Infrastructure support includes Terraform, Kubernetes YAML, Helm charts, Dockerfiles, and GitHub Actions.