API Security

Calculate Your API Key Blast Radius

Paste an AWS, GCP, or Azure API key and instantly see the maximum financial damage an attacker could cause if it leaked — before they do.

Get Access — $25/mo

Cancel anytime. No keys stored. Read-only analysis.

🔍

Permission Audit

Maps every IAM role and policy attached to your key

💸

Cost Estimate

Worst-case spend if an attacker maxes out your quotas

🛡️

Remediation Tips

Actionable steps to reduce your blast radius immediately

Pro Plan

$25

per month

✓Unlimited key analyses
✓AWS, GCP & Azure support
✓Real-time permission mapping
✓Worst-case cost simulation
✓Remediation recommendations
✓Priority email support

Start Now

Frequently Asked Questions

Which cloud providers are supported?

AWS, Google Cloud Platform, and Microsoft Azure. We analyze IAM permissions, service quotas, and current usage to estimate maximum blast radius.

Is it safe to enter my API keys?

Keys are never stored. Analysis runs in-memory and all data is discarded after your session. We use read-only permission checks only.

How is the damage estimate calculated?

We query your provider's pricing API, enumerate accessible resources and service limits, then compute worst-case cost if an attacker spun up maximum allowed resources.