Webex App Keys
Service Name: Cisco Webex
Service Description: Cisco Webex is a cloud-based collaboration platform that provides video conferencing, online meetings, screen sharing, webinars, and messaging services for businesses and organizations.
Service Address: https://developer.webex.com/
Validation Type: API Auth
IP Allow list: IP restrictions can be configured at the organization level through Cisco Webex Control Hub.
Secret Access Scope: Grants programmatic access to Webex APIs, allowing applications to interact with Webex services, manage meetings, access user information, and perform administrative functions depending on the permissions granted.
Secret Revokement URL: https://developer.webex.com/my-apps
Secret Example: Y2lzY29zcGFyazovL3VzL0FQUExJQ0FUSU9OL0NhYzlkYjgwYWRlZTQ5MGJiMGMzZmFkZjgxOW JhMzFiZjRhOWExNDdhOTVlNGFkYzk4YWFiZGVkYjZhMzgwYWY
Suspicious Activity Investigation Instructions:
- Review the Webex Control Hub audit logs for unusual API calls or access patterns
- Check for unauthorized integrations or applications connected to your Webex account
- Monitor for unusual meeting creation, user management, or messaging activities
-
Verify if there are any unexpected changes to organization settings or permissions
-
Check for unusual geographic access locations or times
Mitigation Instructions:
- Log in to the Webex Developer Portal at https://developer.webex.com/
- Navigate to "My Apps" section
- Locate the compromised application
- Click on the application and select "Regenerate Secret" to invalidate the current key
- Alternatively, delete the application entirely if it's no longer needed
- Update any legitimate applications with the new credentials
- Review and adjust the application's scopes and permissions to follow the principle of least privilege
- Enable additional security measures like IP restrictions through Webex Control Hub if available