The Intersection of AI and Cloud Secrets: Understanding the 2025 Risk Landscape
In 2025, enterprise risk took a new shape as AI adoption became the leading driver of cloud vulnerabilities. With nearly 88% of organizations integrating AI into at least one business function, the attack surface has expanded dramatically. SentinelOne's latest report, based on telemetry from over 11,000 anonymized customer environments, reveals how threat actors are exploiting modern cloud and AI infrastructures. This Q&A explores key findings, including the surge in AI-specific secrets, the rise of shadow AI, and the distinct risks posed by unmanaged credentials.
What is the primary driver of cloud risk in 2025 according to the report?
According to SentinelOne's 2026 report, the primary driver of cloud risk is the widespread adoption of AI and large language models (LLMs). In 2025, this shift became official as AI integration outpaced traditional security measures. The report highlights that nearly 88% of organizations now use AI in at least one business function. This rapid embedding of AI into customer support, internal tools, financial platforms, and product experiences has created a complex and interconnected attack surface. Attackers are increasingly exploiting these AI-enabled systems, making traditional security guardrails insufficient. The convergence of cloud secrets and AI risk now demands new governance approaches to protect sensitive credentials.
How much have AI-specific secrets increased, and why?
The report documents an explosive growth of AI-specific secrets, such as OpenAI and Azure OpenAI API keys, by approximately 140% within a single year. This surge directly correlates with the rapid embedding of AI technologies across business functions. As organizations integrate AI into customer support systems, internal tooling, financial platforms, and product experiences, developers routinely create and store API keys—often without proper oversight. The same keys are duplicated across code repositories, SaaS configurations, and development scripts, making them difficult to track via standard secrets management protocols. This proliferation underscores the urgent need for centralized governance over how AI keys are issued and used.
What is "shadow AI" and why is it a concern?
Shadow AI refers to the unsanctioned use of AI tools within an organization without formal IT approval or security oversight. In practice, it occurs when developers or internal teams use unmanaged or personal LLM keys to process corporate data outside sanctioned channels. Since these AI integrations span numerous internal applications, the same API keys are frequently duplicated and stored in code repositories, SaaS configurations, and scripts. This lack of access controls and routine rotation schedules makes shadow AI a significant security concern. The sprawl of these credentials complicates detection and management, exposing organizations to data breaches and unauthorized access. Centralized governance is essential to mitigate the risks of shadow AI.
How do unmanaged AI credentials create different risk vectors than traditional cloud credentials?
Unlike traditional cloud credentials that primarily enable resource manipulation, compromised AI credentials introduce unique risk vectors. AI services often operate at the intersection of multiple enterprise systems—including CRM platforms, ticketing systems, and analytics tools. A single compromised LLM API key can provide attackers broad visibility into diverse datasets, far beyond what a typical cloud key might expose. Additionally, the ubiquity of AI across business functions means these keys unlock sensitive corporate conversations, embedded business logic, and user prompts. This interconnectedness amplifies the potential damage from a breach, as attackers can pivot from one system to another. The report categorizes these risks into two primary areas: data exposure and prompt manipulation.
What types of risks are associated with exposed AI keys?
The report identifies two main risk categories for exposed AI keys: data exposure and leakage, and prompt injection and data poisoning. Data exposure occurs when unauthorized access to AI keys allows attackers to harvest sensitive or proprietary datasets processed by models, including embedded business logic and internal user prompts and outputs. This enables large-scale harvesting of corporate conversations. Prompt injection involves threat actors manipulating AI models to produce misleading or harmful outputs, while data poisoning corrupts the model training data. Both types of attacks can severely damage an organization's operations and reputation. The unique nature of AI keys—often tied to critical business functions—makes these risks particularly acute.
What does the report suggest about managing AI credentials?
SentinelOne's report emphasizes the need for centralized governance over AI credentials. Given the explosive growth of AI-specific secrets and the prevalence of shadow AI, organizations must implement robust secrets management protocols that include access controls, routine rotation schedules, and visibility across all environments. Traditional approaches are insufficient because AI keys are duplicated across code repositories, SaaS configs, and scripts. The report recommends adopting automated scanning tools to detect exposed keys and enforcing policies that limit the use of unmanaged credentials. By treating AI secrets as a distinct risk category, enterprises can better protect against the convergence of cloud and AI threats.