PostHog
Service Name: PostHog
Service Description: PostHog is an open-source product analytics platform that helps teams understand user behavior. It offers features like event tracking, session recording, feature flags, and A/B testing to help businesses make data-driven decisions.
Service Address: https://posthog.com/
- Validation Type: API Auth
- IP Allow list: Does not exist
- Secret Access Scope: Grants access to PostHog analytics data, feature flags,
and admin capabilities.
- Secret Revokement URL: Does not exist
- Secret Example:
phc_a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7r8s9t0u1v2w3x4y5z6a7b8c9
- Suspicious Activity Investigation Instructions:
- Check PostHog dashboard for unusual data access patterns
- Review API usage logs for unexpected API calls
- Monitor for unusual data exports or configuration changes
- Check for unauthorized feature flag changes
- Verify if any new team members have been added without authorization
- Mitigation Instructions:
- Log in to your PostHog account
- Navigate to Project Settings
- Select API Keys
PostHog API Key
- Identify the compromised key
- Click "Revoke" next to the compromised key
- Create a new API key if needed
- Update all applications using the old key with the new key