Semaphore API Token
Service Name: Semaphore CI/CD
Service Description: Semaphore is a cloud-based continuous integration and delivery (CI/CD) platform that helps development teams automate their testing and deployment workflows.
Service Address: https://semaphoreci.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the organization level through the Semaphore dashboard.
Secret Access Scope: Grants programmatic access to Semaphore CI/CD resources, including the ability to trigger builds, access project information, and manage workflows.
Secret Revokement URL: https://docs.semaphoreci.com/account-management/api-tokens/
Secret Example: semaphore_api_aBcD1234EfGh5678IjKl
Suspicious Activity Investigation Instructions:
- Review the Semaphore audit logs for unusual build triggers or project access.
- Check for unauthorized project creation or modification.
- Monitor for unexpected workflow changes or deployments.
- Examine build history for unusual patterns or unauthorized access.
- Review organization settings for any unauthorized changes.
Mitigation Instructions:
- Log in to your Semaphore account and navigate to the Settings page.
- Go to the API Tokens section.
- Locate the compromised token and click the Delete button.
- Create a new token with appropriate permissions if needed.
- Update any CI/CD configurations or scripts that were using the old token.
- Review and update access permissions for your Semaphore projects.
- Consider enabling additional security features like two-factor authentication for your Semaphore account.