Sentry DSN
Service Name: Sentry
Service Description: Sentry is an application monitoring and error tracking software that helps developers identify and fix crashes in real time. It provides visibility into application performance and helps teams prioritize errors based on user impact.
Service Address: https://sentry.io/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the organization level through Sentry's security settings.
Secret Access Scope: A Sentry DSN (Data Source Name) allows applications to send error events to the associated Sentry project. It contains the credentials and project identifier needed to authenticate with Sentry's API for event submission.
Secret Revokement URL: https://sentry.io/settings/projects/[project-name]/keys/
Secret Example: https://a1b2c3d4e5f6g7h8i9j0@o123456.ingest.sentry.io/7654321
Suspicious Activity Investigation Instructions:
- Review the Sentry dashboard for unusual error reporting patterns or volume spikes.
- Check the project settings to see if the DSN has been used from unexpected locations or applications.
- Examine the event history to identify potentially malicious error reports or data exfiltration attempts.
- Verify that the DSN is only being used by authorized applications and environments.
- Review organization audit logs for any suspicious administrative actions.
Mitigation Instructions:
- Navigate to your Sentry project settings at https://sentry.io/settings/projects/[project-name]/keys/
- Locate the compromised DSN in the "Client Keys (DSN)" section.
- Click on the "Revoke" button next to the compromised DSN.
- Create a new DSN by clicking "Create New Key" if needed.
- Update all legitimate applications with the new DSN value.
- Consider implementing additional security measures like IP allowlisting in your Sentry organization settings.
- Review your code repositories and CI/CD pipelines to ensure DSNs are not exposed in public repositories.