IBM Watson API Key
Service Name: IBM Watson
Service Description: IBM Watson is a suite of enterprise-ready AI services, applications, and tooling that helps businesses unlock the value of artificial intelligence. It provides natural language processing, machine learning, and other AI capabilities through APIs.
Service Address: https://www.ibm.com/watson
Validation Type: API Auth
IP Allow list: IP restrictions can be configured through IBM Cloud IAM settings for API key access management.
Secret Access Scope: Grants programmatic access to IBM Watson services including Assistant, Discovery, Natural Language Understanding, Speech to Text, Text to Speech, and other Watson AI services.
Secret Revokement URL: https://cloud.ibm.com/iam/apikeys
Secret Example: 1234abcd-12ab-34cd-56ef-1234567890ab
Suspicious Activity Investigation Instructions:
- Review IBM Cloud Activity Tracker logs for unusual API calls or service access.
- Check for unexpected usage spikes in your IBM Watson services.
- Monitor for unauthorized service instances or resource creation.
- Review billing information for unexpected charges related to Watson services.
- Check for API calls from unfamiliar IP addresses or locations.
Mitigation Instructions:
- Log in to the IBM Cloud console at https://cloud.ibm.com/
-
Navigate to Manage > Access (IAM) > API keys
-
Locate the compromised API key in the list
- Click the "Actions" menu (three dots) next to the key
- Select "Delete" to revoke the key immediately
- Create a new API key with appropriate access controls
- Update your applications with the new API key
- Consider implementing more restrictive access policies for the new key
- Enable multi-factor authentication for your IBM Cloud account if not already
enabled