LambdaTest API Key
Service Name: LambdaTest
Service Description: LambdaTest is a cloud-based cross-browser testing platform that allows developers and QA teams to test their websites and web applications across various browsers, operating systems, and devices.
Service Address: https://www.lambdatest.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the organization level through LambdaTest's security settings.
Secret Access Scope: Grants programmatic access to LambdaTest's automation testing services, including running tests, accessing test results, and managing test configurations.
Secret Revokement URL: https://accounts.lambdatest.com/profile/api-access
Secret Example: lt_a123b456c789d012e345f678g901h234
Suspicious Activity Investigation Instructions:
- Review the LambdaTest dashboard for unusual test executions or unauthorized access.
- Check the API usage logs for suspicious activities or unexpected test runs.
- Monitor for tests being run from unusual locations or at unusual times.
- Review the test history to identify any unauthorized or unexpected test configurations.
- Check for any changes in test environment settings or configurations.
Mitigation Instructions:
- Log in to your LambdaTest account and navigate to the profile settings.
- Go to the API Access section in your profile.
- Revoke the compromised API key by clicking on the "Revoke" button.
- Generate a new API key if needed.
- Update all legitimate applications and CI/CD pipelines with the new API key.
- Review and update IP restrictions if available in your plan.
- Enable two-factor authentication for your LambdaTest account if not already enabled.
- Review and update access permissions for team members if applicable.