Are you showing signs of Credentialitis? Get diagnosed and treated →

TRY AEMBIT
Blog
Blog
Blog
X

Blog

Author: Dan Kaplan

Secrets Sprawl is Killing DevOps Speed — Here's How to Fix It

Secrets Sprawl is Killing DevOps Speed – Here’s How to Fix It

Secrets sprawl forces developers into constant rework while leaving organizations exposed to the exact security risks they’re trying to prevent.
5 min read
Red Hat GitLab instance breach analysis with thumbnail of code on a laptop.

Red Hat’s GitLab Breach and the Cost of Embedded Credentials

The incident shows how repositories double as inadvertent credential stores, extending risk from vendors into customer environments.
3 min read
The Evolution Toward Agentic AI

From Chatbots to Agents: The Evolution Toward Agentic AI

From rule-based chatbots to autonomous agentic AI, we’ve come a long way in past three decades.
8 min read
Are you suffering from credentialitis with doctor asking.

We’ve Identified a New IT Ailment. It’s Called Credentialitis – And It’s Spreading Fast

Credentialitis isn’t just a clever name. It’s a real condition plaguing modern IT teams. Dr. Seymour Keys is here to walk you through the symptoms, the screening, and the treatment.
2 min read
Businessperson interacting with CRM data.

When Salesforce Becomes a De Facto Credential Repository: Lessons from the Drift OAuth Breach

This malicious campaign demonstrates how long-lived token theft can become the first step in a much broader breach.
3 min read
Workload identity vs. workload access management

Workload Identity vs. Workload Access Management: Securing Cloud-Native Workloads in a Dynamic Environment

Understanding the distinction is essential for implementing Zero Trust.
5 min read
Dynamic Authorization vs. Static Secrets

Dynamic Authorization vs. Static Secrets: Rethinking Cloud Access Controls

Learn why static secrets fail in modern environments and how to implement dynamic authorization.
6 min read
Vault with a warning sign superimposed.

Vault Fault: Secrets Managers and the Limits of Centralized Trust

Recent flaws in Conjur and Vault highlight the risks of concentrating trust in a single repository – and why workload IAM may offer a more resilient path forward.
3 min read
What Identity Federation Means for Workloads

What Identity Federation Means for Workloads in Cloud-Native Environments

Learn how federation works for non-human identities, where legacy models fall short, and how to implement a secure, scalable solution.
7 min read
A person vibe codes

When Identifiers Aren’t Identities: Security Lessons from the Base44 AI Vibe Coding Flaw

The vulnerability shows how modern application development is accelerating without bringing access controls along for the ride.
3 min read
Load More