Skip to content

BuildKite

Service Name: BuildKite

Service Description: BuildKite is a CI/CD platform that combines the power of your own infrastructure with their hosted orchestration to create fast, secure, and scalable pipelines.

Service Address: https://buildkite.com/

Validation Type: API Auth

IP Allow list: Does not exist

Secret Access Scope: Grants access to BuildKite API resources based on the token's permissions.

Secret Revokement URL: https://buildkite.com/user/api-access-tokens

Secret Example: bkua_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6

Suspicious Activity Investigation Instructions:

  • Check BuildKite audit logs for unauthorized build triggers or configuration changes.
  • Review API access logs for unusual patterns of access or API calls.
  • Verify if any pipelines have been modified unexpectedly.
  • Check for unauthorized webhooks or integrations added to your BuildKite organization.

Mitigation Instructions:

  • Immediately revoke the compromised token through the BuildKite dashboard.
  • Go to User Settings > API Access Tokens.
  • Find the compromised token and select Revoke.
  • Create a new token with appropriate scopes if needed.
  • Review and update any applications or services that were using the compromised token.
  • Consider implementing IP restrictions for API access if available.