AppDynamics API Key
Service Name: AppDynamics
Service Description: AppDynamics is an application performance management (APM) and IT operations analytics (ITOA) solution that provides real-time monitoring and analytics for applications, helping organizations detect and resolve performance issues.
Service Address: https://www.appdynamics.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the account level through AppDynamics Controller settings.
Secret Access Scope: Grants programmatic access to AppDynamics Controller API, allowing management of applications, business transactions, metrics, and alerts.
Secret Revokement URL: https://docs.appdynamics.com/appd/22.x/latest/en/extend-appdynamics/appdynamics-apis/api-clients
Secret Example: f3c04e7f-4b1d-4c9b-9d38-c9a8e7e5a433
Suspicious Activity Investigation Instructions:
- Review the AppDynamics audit logs for unusual API calls or access patterns
- Check for unexpected changes to application configurations, dashboards, or health rules
- Monitor for unauthorized data exports or configuration changes
- Verify if there are any new API clients or unexpected access from unfamiliar IP addresses
- Look for unusual query patterns or high-volume requests that could indicate data scraping
Mitigation Instructions:
- Log in to your AppDynamics Controller UI
- Navigate to Settings > Administration > API Clients
- Locate the compromised API key and delete it
- Create a new API key with appropriate permissions if needed
- Review and update API client permissions to follow the principle of least privilege
- Enable IP restrictions for API access if not already configured
- Consider implementing shorter rotation periods for API keys
- Update any applications or integrations using the old key with the new credentials
- Monitor for any continued unauthorized access attempts using the revoked key