UPDATED 20:06 EDT / JULY 06 2023

SECURITY

JumpCloud resets admin API keys after unspecified ‘ongoing incident’

Cloud directory-as-a-service provider JumpCloud Inc. has reset admin application programming interface keys for customers due to an unspecified “ongoing incident.”

Exactly what the ongoing incident is was not specified. A notice sent to customers stated only that the company was resetting the API keys out of an abundance of caution. “We have done this to protect your organization and operations,” a message sent to affected customers reads. “We apologize for any disruption this causes you and your organization, but the action was taken on your behalf as the most prudent course of action.”

A further notice on JumpCloud’s support site does not provide any additional details on the incident. The support page provides details on how JumpCloud admins using an API key can access a new one.

JumpCloud’s service offers simplified directory management for companies that have multiple user directories or that don’t want to go to the trouble of installing their own. Pitched as a modern replacement for Microsoft Corp.’s Active Directory service, JumpCloud’s directory provides core identity and access control services, multifactor authentication, single sign-on and integration with other popular directories.

Without knowing what is going on, Scott Gerlach, co-founder and chief security officer at API security testing company StackHawk Inc., told SiliconANGLE that companies do not take actions such as resetting API keys lightly.

“I’m sure if JumpCloud is dealing with a security incident, the work is not simple and protecting customers and the integrity of their authentication is their first priority,” Gerlach explained. “This work is never easy and lots of great people are probably very busy and stressed.”

Jason Kent, hacker in residence at unified API protection company Cequence Security Inc., also noted that the decision to reset the API keys would not have been taken lightly because “IT and cyber security professionals don’t like redoing work and having to go set keys on various systems and wait for reports of successes and failures.”

Chase Doelling, principal strategist at JumpCloud, spoke with theCUBE, SiliconANGLE Media Inc.’s live streaming studio, in September, on how the company consolidates different security technologies using an open directory platform:

Image: JumpCloud

A message from John Furrier, co-founder of SiliconANGLE:

Support our open free content by sharing and engaging with our content and community.

Join theCUBE Alumni Trust Network

Where Technology Leaders Connect, Share Intelligence & Create Opportunities

11.4k+  
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+ 
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.

SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .

Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.

Cookies

We employ the use of cookies. Find out more.