Sauce Labs Access Token
Service Name: Sauce Labs
Service Description: Sauce Labs is a cloud-based testing platform that provides automated testing for web and mobile applications across various browsers, operating systems, and devices. It offers cross-browser testing, mobile app testing, and continuous integration capabilities.
Service Address: https://saucelabs.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the account level through the Sauce Labs dashboard.
Secret Access Scope: Grants programmatic access to Sauce Labs testing infrastructure, allowing users to run automated tests, access test results, and manage testing resources.
Secret Revokement URL: https://app.saucelabs.com/user-settings
Secret Example: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Suspicious Activity Investigation Instructions:
- Review the Sauce Labs dashboard for unusual testing activity or resource usage.
- Check the access logs for unauthorized IP addresses or locations accessing your account.
- Monitor for unexpected test executions or unusual patterns in test runs.
- Review billing information for unexpected charges or resource consumption.
- Check if any unauthorized test configurations have been created or modified.
Mitigation Instructions:
- Log in to your Sauce Labs account at https://app.saucelabs.com/.
- Navigate to Account > User Settings.
- Under the "Access Key" section, click on "Reset Access Key".
- Confirm the reset when prompted.
- Update the access key in all legitimate applications, CI/CD pipelines, and automation scripts.
- Review and update any IP restrictions in your account settings.
- Enable two-factor authentication for additional security.
- Audit team member access and remove any unnecessary user accounts.