Keen IO Read Key
Service Name: Keen IO
Service Description: Keen IO is a cloud analytics platform that allows developers to collect, analyze, and visualize events from their applications. It provides APIs for event data collection, analysis, and visualization.
Service Address: https://keen.io/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the project level through Keen IO's access control settings.
Secret Access Scope: Grants read-only access to analytics data within a specific Keen IO project. Read keys allow querying and retrieving data but not modifying or writing new data.
Secret Revokement URL: https://keen.io/dashboard/ (Navigate to your project settings to manage API keys)
Secret Example: a23bc45def67gh89ij01kl23mn45op67qr89st0u
Suspicious Activity Investigation Instructions:
- Review Keen IO dashboard for unusual query patterns or data access.
- Check access logs for unexpected IP addresses or locations accessing your data.
- Monitor for increased API usage or abnormal query volumes.
- Verify if queries are accessing sensitive data collections.
- Look for unauthorized data exports or downloads.
Mitigation Instructions:
-
Log in to your Keen IO dashboard.
-
Navigate to your project settings.
- Locate the compromised read key in the API Keys section.
- Delete the compromised key.
- Generate a new read key with appropriate permissions.
- Update your applications with the new key.
- Consider implementing more restrictive access controls on your project.
- Review and update your security policies for handling API keys.