Fortanix Vault Key
Service Name: Fortanix Data Security Manager (DSM)
Service Description: Fortanix Data Security Manager is a unified platform for encryption, key management, tokenization, and secrets management. It provides centralized control for cryptographic keys and secrets across cloud and on- premises environments.
Service Address: https://www.fortanix.com/products/data-security-manager
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the account level through Fortanix DSM access policies.
Secret Access Scope: Grants access to encrypt/decrypt data, manage cryptographic keys, and perform other cryptographic operations within the Fortanix DSM platform.
Secret Revokement URL: https://support.fortanix.com/hc/en-us/articles/360016160451-User-Management
Secret Example: ftx-v1:aBc123XyZ456_7890qWeRtYuIoP:aSdFgHjKlZxCvBnM
Suspicious Activity Investigation Instructions:
- Review the Fortanix DSM audit logs for unusual key access or operations
- Check for unexpected key usage patterns or access from unusual locations
- Monitor for unauthorized key creation, deletion, or modification
- Verify if sensitive operations like key exports have been performed
- Examine authentication logs for failed login attempts or unusual access times
Mitigation Instructions:
-
Immediately rotate the compromised API key in the Fortanix DSM console
-
Revoke the compromised key through the Fortanix DSM user management
interface
- Review and update access policies to restrict key usage to necessary
operations only
- Enable multi-factor authentication for all users with access to the Fortanix DSM
- Implement IP-based access restrictions for API access
- Review all cryptographic operations performed with the compromised key
- Consider re-encrypting sensitive data if the key was used for data encryption