Model Configuration#
Two model sources#
Shared models#
Provided by your workspace or organization. The advantage is that they are ready to use with no user-managed API key.
Personal models#
Available only when your workspace allows custom model configuration. Best suited for:
- Connecting a customer-approved model endpoint
- Connecting local or private models in supported deployments
- Testing different model capabilities in a controlled workspace
What to fill in when adding a model#
| Field | Description | Example |
|---|---|---|
| Name | Display name for the model | Company model |
| API Base URL | Model service endpoint | https://models.example.com/v1 |
| API Key | Authentication key | sk-... |
| Model ID | Model identifier | security-analysis-model |
Provider notes#
Provider availability, endpoint format, and authentication depend on your deployment and agreement. Hosted AttackTrace may use an underlying model provider configured by the platform. Private deployments can use customer-selected providers or local/private models where supported.
AttackTrace is not a standalone model provider and does not sell raw model access.
Recommendations#
- For stability: use your team's shared models
- For best capability: choose a more powerful model
- For private deployment needs: use the model provider approved for that deployment
!!! warning "Tool call support" If a model does not support Function Calling / Tool Use, AttackTrace may not be able to invoke security tools correctly.