Fast Company names Aembit a Best Workplace for Innovators. Learn More →

TRY AEMBIT
Blog
Blog
Blog
X

Blog

Author: Dan Kaplan

Are you suffering from credentialitis with doctor asking.

We’ve Identified a New IT Ailment. It’s Called Credentialitis – And It’s Spreading Fast

Recent flaws in Conjur and Vault highlight the risks of concentrating trust in a single repository – and why workload IAM may offer a more resilient path forward.
2 min read
Businessperson interacting with CRM data.

When Salesforce Becomes a De Facto Credential Repository: Lessons from the Drift OAuth Breach

Recent flaws in Conjur and Vault highlight the risks of concentrating trust in a single repository – and why workload IAM may offer a more resilient path forward.
3 min read
Workload identity vs. workload access management

Workload Identity vs. Workload Access Management: Securing Cloud-Native Workloads in a Dynamic Environment

Understanding the distinction is essential for implementing Zero Trust.
5 min read
Dynamic Authorization vs. Static Secrets

Dynamic Authorization vs. Static Secrets: Rethinking Cloud Access Controls

Learn why static secrets fail in modern environments and how to implement dynamic authorization.
6 min read
Vault with a warning sign superimposed.

Vault Fault: Secrets Managers and the Limits of Centralized Trust

Recent flaws in Conjur and Vault highlight the risks of concentrating trust in a single repository – and why workload IAM may offer a more resilient path forward.
3 min read
What Identity Federation Means for Workloads

What Identity Federation Means for Workloads in Cloud-Native Environments

Learn how federation works for non-human identities, where legacy models fall short, and how to implement a secure, scalable solution.
7 min read
A person vibe codes

When Identifiers Aren’t Identities: Security Lessons from the Base44 AI Vibe Coding Flaw

The vulnerability shows how modern application development is accelerating without bringing access controls along for the ride.
3 min read
biometric scanner

Workload IAM vs. API Security

You can monitor traffic all day, but if you don’t control what’s allowed to send it, you’re already behind.
5 min read
human identity vs non human identity

How to Distinguish Between Human and Non-Human Identities

The issue of failing to differentiate between human and non-human identities is becoming increasingly prevalent. Studies show that two in five SaaS platforms fail to make this distinction.
5 min read
Inside Snowflake's NHI Security Playbook.

The Story Behind Snowflake’s Push to Rein in Non-Human Identities

After locking down workforce identity, Snowflake’s security team took on the harder problem – controlling non-human access at scale without slowing teams down.
4 min read
Load More