# api-keys

5 articlestagged with “api-keys”

Cloud AI API Key Management Security

Best practices and attack vectors for API key management in cloud AI service deployments.

Vector Database Access Control

Vector database access control weaknesses: API key management, tenant isolation failures, namespace security, and metadata filtering bypass techniques.

access-controlapi-keystenant-isolationnamespace-securitymetadata-filteringvector-databases

Intermediate

Authentication & Session Attacks

Methodology for bypassing authentication, extracting API keys, manipulating session state, exploiting cross-session data leakage, and escalating privileges in LLM-powered applications.

authenticationsession-attacksapi-keysprivilege-escalationjwtllm-appsaccess-control

Advanced

Lab: API Key Security

Learn common API key exposure vectors, secure key management with .env files, detect keys in git history, implement key rotation, and apply least-privilege principles.

labapi-keyssecuritysecrets-managementbeginner

Beginner

Weights & Biases Attack Surface

Security analysis of Weights & Biases (W&B/wandb): API key exposure, experiment data leakage, team boundary violations, artifact poisoning, and attack techniques specific to the W&B platform.

wandbweights-and-biasesapi-keysexperiment-trackingartifact-poisoningdata-leakage

Advanced