Skip to content

Pingdom Token

Service Name: Pingdom

Service Description: Pingdom is a website monitoring service that checks the uptime, performance, and functionality of websites and web applications. It provides real-time alerts and detailed reports on website availability and performance metrics.

Service Address: https://www.pingdom.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the account level through Pingdom's security settings.

Secret Access Scope: Pingdom API tokens grant access to monitor, configure, and manage Pingdom checks, contacts, and reports. They allow programmatic access to Pingdom's monitoring services.

Secret Revokement URL: https://my.pingdom.com/app/api-tokens

Secret Example: ping_12345678901234567890abcdefghijkl

Suspicious Activity Investigation Instructions:

  • Review the Pingdom account activity logs for unauthorized changes to monitoring configurations.
  • Check for newly created or modified checks that you don't recognize.
  • Look for changes in notification settings or contact information.
  • Verify if there are any unexpected API calls made using the token.
  • Monitor for unusual patterns in API usage frequency or volume.

Mitigation Instructions:

  • Log in to your Pingdom account at my.pingdom.com.
  • Navigate to Settings > API Tokens.
  • Locate the compromised token in the list.
  • Click the Delete or Revoke button next to the token.
  • Create a new API token with appropriate permissions if needed.
  • Update any legitimate applications or services that were using the old token.
  • Review and adjust the permissions of the new token to follow the Principle of Least Privilege.
  • Consider implementing IP restrictions for API access if available in your plan.