Fastly API Key
Service Name: Fastly
Service Description: Fastly is a cloud computing services provider that offers content delivery network (CDN), edge computing, security, and streaming media services. It helps businesses deliver fast, secure, and scalable online experiences.
Service Address: https://www.fastly.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the service level through Fastly's ACL (Access Control Lists) feature.
Secret Access Scope: Grants programmatic access to Fastly's API, allowing management of CDN configurations, purging content, viewing analytics, and administering account settings.
Secret Revokement URL: https://docs.fastly.com/en/guides/using-api-tokens#deleting-an-api-token
Secret Example: d3v7355a9091976c4c58a7e42b88c53c
Suspicious Activity Investigation Instructions:
- Review Fastly logs for unusual API calls or configuration changes.
- Check for unexpected service configurations or domain additions.
- Monitor for unauthorized purge requests or edge dictionary modifications.
- Examine account audit logs for suspicious user activity.
- Verify if there are unexpected changes to VCL (Varnish Configuration Language) files.
Mitigation Instructions:
- Log in to your Fastly account and navigate to the "Account" section.
- Select API tokens from the Personal API tokens menu.
- Locate the compromised token in the list.
- Click the trash can icon next to the token to delete it.
- Create a new API token with appropriate scopes if needed.
- Update any applications or services that were using the old token.
- Review and update your token management practices to prevent future exposures.
- Consider implementing token rotation policies for enhanced security.