Blog
93 HackerOne Reports Show the Same AWS Blast Radius Problem
We analyzed 1,169 AWS-related HackerOne reports. The dominant pattern: SSRF or leaked credentials become full infrastructure access because nobody measured the blast radius of the compromised identity.
What the LexisNexis Breach Teaches Us About Blast Radius in AWS
A single ECS task role with read access to every secret in the account. The LexisNexis breach is a textbook case of why blast radius validation matters.