Keen IO Master Key
Service Name: Keen IO
Service Description: Keen IO is a cloud analytics platform that allows developers to collect, analyze, and visualize events from their applications. It provides APIs for event data collection, analysis, and visualization capabilities.
Service Address: https://keen.io/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the project level through the Keen IO dashboard.
Secret Access Scope: Grants full access to a Keen IO project, including the ability to read and write data, create queries, and manage project settings.
Secret Revokement URL: https://keen.io/dashboard/[PROJECT_ID]/settings
Secret Example: a8b4c7e9f1d3a5b7c9e1f3a5d7b9c1e3f5a7b9c1e3f5a7b9
Suspicious Activity Investigation Instructions:
- Review the Keen IO dashboard for unusual query patterns or data access.
- Check for unexpected data exports or large volumes of queries.
- Monitor for unauthorized project changes or settings modifications.
- Examine API logs for requests from unfamiliar IP addresses or locations.
- Look for unusual spikes in API usage or data consumption.
Mitigation Instructions:
- Log in to your Keen IO dashboard.
- Navigate to your project settings.
- Locate the API Keys section.
- Revoke the compromised master key.
- Generate a new master key.
- Update all legitimate applications and services with the new key.
- Consider implementing scoped keys with limited permissions instead of using the master key.
- Review and update access controls for your Keen IO project.
- Enable additional security features like IP restrictions if available.