Twilio Account SID
Service Name: Twilio
Service Description: Twilio is a cloud communications platform that enables developers to build, scale, and operate customer engagement within their software applications through APIs for voice, text, chat, video, and email.
Service Address: https://www.twilio.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the account level through Twilio's IP Access Management feature.
Secret Access Scope: Grants programmatic access to Twilio services including SMS, voice calls, authentication, and other communication APIs. The specific access depends on the API key's permissions.
Secret Revokement URL: https://www.twilio.com/console/project/api-keys
Secret Example: SK2a0747ed6f9a4eb49e34bbf4977b6b89
Suspicious Activity Investigation Instructions:
-
Review Twilio Console logs for unusual API calls or resource access.
-
Check the Monitor section in Twilio Console for unexpected activity.
-
Review usage metrics for unusual spikes in API calls or messaging volume.
-
Examine the IP addresses that have been using the API key.
-
Check for unauthorized subaccounts or services being accessed.
-
Review billing information for unexpected charges.
Mitigation Instructions:
-
Log in to the Twilio Console at
https://www.twilio.com/console -
Navigate to Settings > API Keys
-
Locate the compromised API key
-
Click on the API key and select "Delete"
-
Confirm the deletion
-
Create a new API key with appropriate permissions
-
Update your applications with the new API key
-
Consider implementing additional security measures such as:
-
Restricting API key access by IP address
-
Setting up usage triggers to alert on unusual activity
-
Implementing two-factor authentication for your Twilio account
-