Glossary
Blast Radius
What Is Blast Radius?
Blast radius — formally named Supply Chain Impact Analysis in NetRise product documentation — is the measurable downstream impact of a compromised package, repository, or maintainer, capturing every direct and transitive dependent that inherits risk when something goes wrong upstream, including the products, builds, vendors, and environments that touched the affected software.
In modern software, a single malicious or vulnerable package rarely lives in isolation. It propagates through dependency graphs into thousands of products, builds, and environments — often without any team realizing it. When the Trivy, LiteLLM, and Axios compromises hit in a single two-week window in 2026, the security question for every affected organization was not "did the package exist?" — it was "where did it spread, and how quickly can we stop it?" Scoping that manually can take days. Most incident response windows close in hours.
NetRise Provenance maps direct and reverse dependencies to size blast radius in minutes. Security and engineering teams can determine which products, builds, suppliers, and environments inherited the risk — and act on a defensible scope rather than guessing.
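The reverse-dependency walk that the paragraphs above describe, as an added illustration that is not NetRise code: it inverts a small constructed component inventory (hypothetical package, product and environment names) into dependents, breadth-first walks outward from the compromised package, and keeps the dependency path for each hit so the resulting scope is explainable rather than a bare list of names.

```python
from collections import deque

# Constructed example inventory, not real NetRise data. Each key is a
# component; each value lists that component's direct dependencies.
DEPENDENCIES = {
    "axios":            [],
    "follow-redirects": [],
    "http-client":      ["axios", "follow-redirects"],
    "auth-sdk":         ["http-client"],
    "payments-api":     ["auth-sdk"],
    "mobile-app":       ["http-client"],
    "reporting-job":    ["lodash"],
    "lodash":           [],
}
# Shipped products/builds and the environments they are deployed into.
PRODUCTS = {
    "payments-api":  {"prod-eu", "prod-us"},
    "mobile-app":    {"app-store"},
    "reporting-job": {"batch-cluster"},
}

def reverse_graph(deps):
    """Invert package -> dependencies into package -> direct dependents."""
    rev = {name: set() for name in deps}
    for pkg, ds in deps.items():
        for d in ds:
            rev.setdefault(d, set()).add(pkg)
    return rev

def blast_radius(compromised, deps=DEPENDENCIES, products=PRODUCTS):
    """BFS over reverse edges from the compromised package.
    Returns (dependent -> dependency path, affected products -> envs, envs)."""
    rev = reverse_graph(deps)
    paths = {}
    queue = deque([(compromised, [compromised])])
    while queue:
        pkg, path = queue.popleft()
        for dependent in sorted(rev.get(pkg, ())):   # sorted for determinism
            if dependent not in paths:               # first visit = shortest path
                paths[dependent] = path + [dependent]
                queue.append((dependent, paths[dependent]))
    affected_products = {p: products[p] for p in paths if p in products}
    affected_envs = set().union(*affected_products.values())
    return paths, affected_products, affected_envs

if __name__ == "__main__":
    paths, prods, envs = blast_radius("axios")
    for dep, path in paths.items():
        print(f"{dep}: {' -> '.join(path)}")
    print("affected products:", sorted(prods))
    print("affected environments:", sorted(envs))
```

Every listed product is reachable only through an explicit path from the compromised package, which is the defensible scope an incident lead can hand to the teams that own those environments.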
Related Terms
NetRise Provenance · Downstream Impact · Direct Dependency · Transitive Dependency · Software Supply Chain Attack · Package Firewall Manager