Vector Database Security

A vector database is still a database — it just holds embeddings and metadata behind an API. In the rush to ship RAG, teams skipped two decades of database-security habits: instances sit exposed with no auth, embeddings get treated as anonymous when they are approximately invertible, and tenant isolation rests on filters the caller can forge. Secure the store like the sensitive datastore it is.