The security team said yes: How a $300B investment firm deployed Claude agents across the enterprise →

TRY AEMBIT
TALK TO AN ENGINEER

Blog

Breach Analysis

The Canvas Breach Shows What Happens When SaaS Platforms Become Identity Infrastructure

Dan Kaplan May 2026 | 6 min read
Illustration of a computer monitor in an office workspace displaying a ransomware-style warning message tied to the Canvas and Instructure data breach, surrounded by desks, office equipment, and a blurred corporate office environment.

6 min readThe breach involving Instructure, the company behind the Canvas learning management system used by thousands of schools and universities worldwide, arrived at a particularly bad moment for educational institutions. Final exams, coursework submissions, faculty communication, and end-of-year administrative activity all run heavily through Canvas at many schools. When portions of the platform went offline and […]

The response to the Canvas breach revealed how much modern institutions still depend on long-lived credentials, shared trust layers, and persistent access between systems.
Dig in
Integration Guides

How To Create an MCP Server To Connect Your App With LLMs

Aembit Engineering Apr 2026 | 8 min read
Industry Insights

MCP or CLI? How to Choose Right Interface for Your AI Tools

Holden Hewett Apr 2026 | 4 min read
Resources

Agentic AI Security Starter Kit: Where Autonomous Systems Fail and How to Defend Against It

Dan Kaplan Feb 2026 | 4 min read

Discover More of What Matters to You

Recent Stories

Connect custom AI agents with Slack

How to Connect Custom AI Agents with Slack

Whether you want simple fire-and-forget alerts or full two-way control, here’s how to securely wire your AI agent into Slack
Aembit Engineering
May 2026
|
11 min read
Workforce Agents vs Customer Agents: A Complete Guide

Workforce Agents vs. Customer Agents: Identity, Access, and Security Explained

Workforce and customer agents may rely on similar identity infrastructure, but the trust models, access patterns, and security risks behind them differ significantly.
Dan Kaplan
May 2026
|
9 min read
Split illustration showing chaotic tangled infrastructure on one side and a clean, structured cloud architecture diagram on the other.

Everyone Wants SPIFFE. Almost No One Can Afford to Build It Right.

What it takes to implement it, and why real-world environments make it hard to finish.
Ashur Kanoon
May 2026
|
16 min read
Access granted.

5 Capabilities of Workload Access Managers – And Why WAM Isn’t WIM

Workload access management isn’t identity management – it enforces access and eliminates credentials. Learn the five core WAM capabilities
Apurva Davé
May 2026
|
10 min read
I spent one day building AI agents. Here's what actually happened.

I Spent One Day Building AI Agents. Here’s What Actually Happened

Victor Ronin builds AI agents in a day using CrewAI and a local LLM, sharing what worked, what broke and why agents still need humans.
Victor Ronin
May 2026
|
11 min read
MCP Server Access

Auditing MCP Server Access and Usage

AI agents exchange sensitive contexts across MCP servers in seconds. Without context-aware auditing, you can’t trace who accessed what.
Ashur Kanoon
May 2026
|
6 min read
Non-Human Identity Management vs. Machine Identity vs. Workload IAM

Non-Human Identity Management vs. Machine Identity vs. Workload IAM

NHIM, MIM, and workload IAM each address a different layer of non-human identity security. Learn how they compare and complement each other.
Apurva Davé
Apr 2026
|
6 min read
Context-Based Access Control for MCP Servers: Why Static Rules Fail

Context-Based Access Control for MCP Servers: Why Static Rules Fail

Static access rules fail in dynamic MCP environments. Context-based access control evaluates identity, context and resources in real time.
Dan Kaplan
Apr 2026
|
6 min read
Announcing Aembit IAM for Agentic AI

Aembit IAM for Agentic AI

Aembit IAM for Agentic AI combines blended identity with an MCP Identity Gateway for enterprise agents.
Apurva Davé
Apr 2026
|
8 min read
What Is IAM for Agentic AI? The New Perimeter of Trust in 2026

What Is IAM for Agentic AI? The New Perimeter of Trust in 2026

Most CISOs fear AI agent risks, but legacy IAM can’t govern autonomous systems. A new identity model built on attestation is emerging.
Ashur Kanoon
Apr 2026
|
6 min read
Why Traditional IAM Is No Match for Agentic AI

Why Traditional IAM Is No Match for Agentic AI

Legacy IAM can’t govern autonomous AI agents that spin up, execute and terminate in seconds. New identity patterns are now emerging.
Apurva Davé
Apr 2026
|
6 min read
5 Secrets Manager Alternatives for Securing Non-Human Identities

5 Secrets Manager Alternatives for Securing Non-Human Identities

Secrets managers store credentials but can’t close the access gaps that multicloud workloads and AI agents create. Five alternatives can.
Dan Kaplan
Apr 2026
|
6 min read
Load More

Ready to Try Workload IAM?

Get started in minutes, with no sales calls required. Our free-forever tier is just a click away.

Request a Demo