Pingdom Token
Service Name: Pingdom
Service Description: Pingdom is a website monitoring service that checks the uptime, performance, and functionality of websites and web applications. It provides real-time alerts and detailed reports on website availability and performance metrics.
Service Address: https://www.pingdom.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the account level through Pingdom's security settings.
Secret Access Scope: Pingdom API tokens grant access to monitor, configure, and manage Pingdom checks, contacts, and reports. They allow programmatic access to Pingdom's monitoring services.
Secret Revokement URL: https://my.pingdom.com/app/api-tokens
Secret Example: ping_12345678901234567890abcdefghijkl
Suspicious Activity Investigation Instructions:
- Review the Pingdom account activity logs for unauthorized changes to monitoring configurations.
- Check for newly created or modified checks that you don't recognize.
- Look for changes in notification settings or contact information.
- Verify if there are any unexpected API calls made using the token.
- Monitor for unusual patterns in API usage frequency or volume.
Mitigation Instructions:
- Log in to your Pingdom account at my.pingdom.com.
- Navigate to Settings > API Tokens.
- Locate the compromised token in the list.
- Click the Delete or Revoke button next to the token.
- Create a new API token with appropriate permissions if needed.
- Update any legitimate applications or services that were using the old token.
- Review and adjust the permissions of the new token to follow the Principle of Least Privilege.
- Consider implementing IP restrictions for API access if available in your plan.