Skip to content

Fortanix Vault Key

Service Name: Fortanix Data Security Manager (DSM)

Service Description: Fortanix Data Security Manager is a unified platform for encryption, key management, tokenization, and secrets management. It provides centralized control for cryptographic keys and secrets across cloud and on- premises environments.

Service Address: https://www.fortanix.com/products/data-security-manager

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the account level through Fortanix DSM access policies.

Secret Access Scope: Grants access to encrypt/decrypt data, manage cryptographic keys, and perform other cryptographic operations within the Fortanix DSM platform.

Secret Revokement URL: https://support.fortanix.com/hc/en-us/articles/360016160451-User-Management

Secret Example: ftx-v1:aBc123XyZ456_7890qWeRtYuIoP:aSdFgHjKlZxCvBnM

Suspicious Activity Investigation Instructions:

  • Review the Fortanix DSM audit logs for unusual key access or operations
  • Check for unexpected key usage patterns or access from unusual locations
  • Monitor for unauthorized key creation, deletion, or modification
  • Verify if sensitive operations like key exports have been performed
  • Examine authentication logs for failed login attempts or unusual access times

Mitigation Instructions:

  • Immediately rotate the compromised API key in the Fortanix DSM console

  • Revoke the compromised key through the Fortanix DSM user management

interface

  • Review and update access policies to restrict key usage to necessary

operations only

  • Enable multi-factor authentication for all users with access to the Fortanix DSM
  • Implement IP-based access restrictions for API access
  • Review all cryptographic operations performed with the compromised key
  • Consider re-encrypting sensitive data if the key was used for data encryption