TRY AEMBIT

Blog

Industry Insights

Replacing a GitHub Personal Access Token With a GitHub Application

Jason Kwon Jun 2025 | 5 min read
Replacing a GitHub Personal Access Token with a GitHub Application

5 min readFollow this hands-on walkthrough to create a GitHub App, generate installation tokens, and swap fragile PATs out of your workflows.

Dig in
Industry Insights

Self-Assembling AI and the Security Gaps It Leaves Behind

Kevin Sapp May 2025 | 5 min read
Product Updates

Introducing One Security Token Service for All Your Clouds

Apurva Davé Apr 2025 | 7 min read
Breach Analysis

5 Non-Human Identity Breaches That Workload IAM Could Have Prevented

Dan Kaplan Apr 2025 | 5 min read

Discover More of What Matters to You

Recent Stories

moving beyond static credentials

Moving Beyond Static Credentials in Cloud-Native Environments

In distributed, cloud-native environments, long-lived credentials have become a growing source of risk, operational friction, and compliance failure.
Dan Kaplan
Jun 2025
|
5 min read
encryption keys vs access keys

Managing Encryption Keys vs. Access Keys

Not all keys are created equal, and treating them as if they are can quietly introduce risk.
Dan Kaplan
Jun 2025
|
6 min read
secret remediation best practices

A Guide to Secret Remediation Best Practices

With the increasing complexity of cloud environments and the proliferation of APIs, exposed secrets have become a widespread concern.
Apurva Davé
Jun 2025
|
6 min read
secrets management in the cloud

Best Practices for Secrets Management in the Cloud

This guide covers the essential best practices for securing your organization's secrets in cloud environments.
Dan Kaplan
Jun 2025
|
5 min read
Secretless Access for GitHub Actions and Workflows

Secretless Access for GitHub Actions and Workflows

Protect GitHub Actions environment variables with secretless authentication. Avoid static secrets and secure your CI/CD pipelines the modern way.
Dan Kaplan
Jun 2025
|
6 min read
key management solutions

Key Management Solutions for Non-Human Identities in the Cloud

Learn how leading enterprises manage access keys for non-human cloud workloads, reduce credential risks, and move beyond traditional key management.
Apurva Davé
Jun 2025
|
9 min read
Engineers observing incident on monitor

5 Common Ways Non-Human Identities Are Exploited – and How to Secure Them

Discover the emerging class of attacks involving software workloads and AI agents.
Dan Kaplan
Jun 2025
|
4 min read
Introducing Workload IAM for Microsoft Environments.

Introducing Comprehensive Workload Identity and Access Management Across Microsoft Environments

With Aembit, you can secure Microsoft workloads – wherever they run – using short-lived credentials, posture-aware policies, and no-code credential injection.
Ashur Kanoon
Jun 2025
|
5 min read

What Kind of Identity Should Your AI Agent Have?

AI agents don’t neatly fit into your IAM chart. They switch roles, borrow authority, and rewrite what identity means at runtime. Here's what that means for you.
Apurva Davé
May 2025
|
7 min read
MCP OAuth 21 PKCE and the future of AI authorization

MCP, OAuth 2.1, PKCE, and the Future of AI Authorization

The MCP authorization spec sets a new standard for securing non-human AI agents – with lessons for anyone building autonomous, scalable systems.
Kevin Sapp
May 2025
|
7 min read
Dev, DevOps, Security Cooperation

How to Unite Developers, DevOps, and Security Without Slowing Down

Builders and protectors don’t have to clash – they just need a common path.
Dan Kaplan
May 2025
|
5 min read
Human brain and AI brain

Self-Assembling AI and the Security Gaps It Leaves Behind

Instead of running static workflows, agents are building the system for you, deciding how to connect tools and take action on the fly.
Kevin Sapp
May 2025
|
5 min read
Load More

Ready to Try Workload IAM?

Get started in minutes, with no sales calls required. Our free- forever tier is just a click away.

Request a Demo