The security team said yes: How a $300B investment firm deployed Claude agents across the enterprise →

Get an Aembit Tenant
TALK TO AN ENGINEER
Blog

Author: Apurva Davé

Connectivity of boxes

Secrets Management vs. Access Management: What You Need to Know

When your team stores API keys in a vault and rotates them on a schedule, it feels like the access problem is handled.
Apurva Davé
Apr 2026
|
5 min read
What is Agentic AI

What Exactly Is Agentic AI (and Why It Matters Now)

For years, artificial intelligence has been reactive. You prompted it, and it responded by analyzing data, generating text or predicting outcomes, but only when asked.
Apurva Davé
Apr 2026
|
5 min read
JIT Access for Wordkloads

Just-in-Time Access for Workloads: Eliminating Standing Privileges

Most workload credentials, the API keys, tokens and passwords that connect your services, carry “always on” access that never expires.
Apurva Davé
Apr 2026
|
6 min read
AI Agent Identity: The Multi-Protocol Authentication Gap

AI Agent Identity: The Multi-Protocol Authentication Gap

AI agent identity breaks down when agents authenticate across OAuth, API keys and managed identities simultaneously. Learn why single-protocol solutions fail.
Apurva Davé
Apr 2026
|
6 min read
service accounts

The Real Risk Behind Service Accounts (And Why Nobody’s Watching Them) 

While companies pour resources into securing employee accounts with MFA, zero trust and regular access reviews, service accounts still get created with static credentials, granted sweeping permissions and then left unmanaged. This creates a growing population of identities that operate outside traditional IAM controls.
Apurva Davé
Mar 2026
|
6 min read
Trivy gets breached and the secrets problem.

The Trivy Compromise: The Fallacy of Secrets Management and the Case for Workload Identity

The Trivy incident exposed a credential architecture failure, not just a supply chain one. Here’s the case for workload identity and access.
Apurva Davé
Mar 2026
|
5 min read
AI Agent Identity Security: Why It Matters and How to Get It Right

AI Agent Identity Security: Why It Matters and How to Get It Right

AI agent identity security is the set of practices and controls that treat AI agents as distinct, governable identities with their own authentication, authorization and audit requirements.
Apurva Davé
Mar 2026
|
5 min read
secret remediation best practices

Secret Remediation Best Practices: A Step-by-Step Guide

Secret remediation is the process of responding to an exposed credential by revoking it, rotating it and removing every trace of it from your environment.
Apurva Davé
Mar 2026
|
6 min read
The OWASP Top 10 for LLM Applications 2025

The OWASP Top 10 for LLM Applications (2025): Explained Simply

The OWASP Top 10 for LLM Applications is the most widely referenced framework for understanding these risks. First released in 2023, OWASP updated the list in late 2024 to reflect real-world incidents, emerging attack techniques and the rapid growth of agentic AI.
Apurva Davé
Mar 2026
|
6 min read
Risks of Agentic AI

6 Cybersecurity Risks of Agentic AI (and How to Address Them)

Agentic AI introduces new cybersecurity risks, primarily concerning autonomous identity, tool chain exposure, and cascading compromises, requiring security teams to urgently adopt least-privilege identity frameworks and real-time monitoring designed specifically for self-directed, persistent workloads.
Apurva Davé
Jan 2026
|
6 min read
Load More