Skip to content

CrossBrowserTesting API Key

Service Name: CrossBrowserTesting

Service Description: CrossBrowserTesting is a cloud-based testing platform that allows developers and QA teams to test websites and mobile applications across multiple browsers, operating systems, and devices.

Service Address: https://crossbrowsertesting.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the account level through the CrossBrowserTesting dashboard.

Secret Access Scope: Grants programmatic access to CrossBrowserTesting's API, allowing users to run automated tests, access screenshots, and manage test configurations.

Secret Revokement URL: https://app.crossbrowsertesting.com/account/apikey

Secret Example: u123456789abcdef123456789abcdef1

Suspicious Activity Investigation Instructions:

  • Review the CrossBrowserTesting dashboard for unusual test runs or activities.
  • Check API usage logs for unauthorized access or unusual patterns.
  • Monitor for tests being run from unexpected locations or at unusual times.
  • Review any automated test scripts that might be using the compromised API key.
  • Check for unexpected billing charges that might indicate unauthorized usage.

Mitigation Instructions:

  • Log in to your CrossBrowserTesting account.
  • Navigate to Account > API Access.

  • Click on "Reset API Key" to invalidate the current key and generate a new one.

  • Update all legitimate applications and scripts with the new API key.
  • Review and update any IP restrictions for your account if available.
  • Consider implementing additional security measures such as regular key rotation.

  • Review access logs to determine the extent of any potential breach.