Incident scoping
Full workflow
Complete guide (limitations, CI, published lens): incident-scoping
Why use CCE
During an incident involving a compromised SDK, leaked credential type, or failing cloud API, responders need to know which services call the affected API — fast. Searching Slack and dependency files wastes minutes when call-site maps already exist.
CCE scopes blast radius by listing every call site for the incident-related API prefix across a repo or org.
Example command
cce -folder . -language AUTO -filter cloud -format json -output scan.json