Skip to content

Azure Cognitive

Services Account Key

Service Name: Azure Cognitive Services

Service Description: Azure Cognitive Services is a suite of AI services and APIs that enable developers to build intelligent applications with powerful algorithms using just a few lines of code. These services can be used to add cognitive features like vision, speech, language, and decision-making capabilities to applications.

Service Address: https://azure.microsoft.com/en-us/products/cognitive-services/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the Azure Cognitive Services resource level through Azure networking features and firewall rules.

Secret Access Scope: Grants programmatic access to specific Azure Cognitive Services resources and APIs, allowing for operations like text analysis, image recognition, speech-to-text, and other AI capabilities.

Secret Revokement URL: https://portal.azure.com/ (Navigate to your Cognitive Services resource > Access keys > Regenerate keys)

Secret Example: a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0

Suspicious Activity Investigation Instructions:

  • Review Azure Activity Logs for unusual API calls or access patterns
  • Check Azure Monitor for unexpected spikes in resource usage or API calls
  • Examine IP addresses that have been accessing the Cognitive Services resource
  • Review billing information for unexpected charges or usage
  • Check for unauthorized applications or services using the key

  • Monitor for unusual geographic access patterns

Mitigation Instructions:

  • Immediately regenerate the Cognitive Services account key in the Azure Portal
  • Navigate to your Cognitive Services resource in the Azure Portal
  • Select "Keys and Endpoint" from the left menu
  • Click "Regenerate Key" for the compromised key
  • Update all legitimate applications with the new key
  • Implement network security rules to restrict access by IP address
  • Consider implementing Azure Private Link for more secure access
  • Set up Azure Monitor alerts to detect unusual activity
  • Review and update access policies and permissions
  • Consider implementing Azure Key Vault to securely store and manage the key