Skip to content

IBM Watson Speech to Text Key

Service Name: IBM Watson Speech to Text

Service Description: IBM Watson Speech to Text is a cloud service that enables you to convert spoken audio into written text. It uses machine learning to combine information about grammar and language structure to generate accurate transcriptions.

Service Address: https://www.ibm.com/cloud/watson-speech-to-text

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the IBM Cloud account level using network access policies.

Secret Access Scope: Grants programmatic access to IBM Watson Speech to Text service, allowing audio transcription and model customization.

Secret Revokement URL: https://cloud.ibm.com/iam/apikeys

Secret Example: AbCd1234EfGh5678IjKl9012MnOp3456QrSt7890UvWx

Suspicious Activity Investigation Instructions:

  • Review IBM Cloud Activity Tracker logs for unusual API calls or usage patterns.
  • Check for unexpected spikes in service usage or billing.
  • Monitor for unauthorized access from unfamiliar IP addresses or locations.
  • Examine API call patterns for unusual transcription requests or model modifications.
  • Review any custom models that may have been created or modified without authorization.

Mitigation Instructions:

  • Log in to the IBM Cloud console at https://cloud.ibm.com.

  • Navigate to Manage > Access (IAM) > API keys.

  • Locate the compromised API key in the list.
  • Click the "Actions" menu (three dots) next to the key and select "Delete".
  • Create a new API key with appropriate access restrictions.
  • Update any legitimate applications or services to use the new API key.
  • Review and adjust IAM policies to ensure proper access controls.
  • Consider implementing IP allowlisting for additional security.