Aembit IAM for Agentic AI now supports Microsoft Copilot Studio. Read More →

Get an Aembit Tenant
TALK TO AN ENGINEER
Blog

Author: Dan Kaplan

A blurred software error message on a computer screen showing an exception response with a visible token value.

CrewAI GitHub Token Exposure Highlights the Growing Risk of Static Credentials in AI Systems

The exposure demonstrates how ordinary errors can reveal internal credentials and how stronger limits on scope and lifespan can contain the impact.
Dan Kaplan
Nov 2025
|
3 min read
AI-Agent-Deployment-Patterns

4 Types of AI Agents and What They Mean for Identity Security

These four architectural patterns reveal how AI agents differ fundamentally from traditional workloads.
Dan Kaplan
Nov 2025
|
7 min read
Renee Guttmann joins Aembit as adviser.

Veteran CISO and Aembit Adviser Renee Guttmann on Guiding Security into the AI Age

From Coca-Cola to Campbell Soup, Renee Guttmann knows what lasts as security changes.
Dan Kaplan
Nov 2025
|
4 min read
MCP Security Introduction

What is MCP Security: A Complete Introduction

The Model Context Protocol (MCP), developed by Anthropic, standardizes how AI agents interact with external tools and data.
Dan Kaplan
Oct 2025
|
5 min read
Secrets Sprawl is Killing DevOps Speed — Here's How to Fix It

Secrets Sprawl is Killing DevOps Speed – Here’s How to Fix It

Secrets sprawl forces developers into constant rework while leaving organizations exposed to the exact security risks they’re trying to prevent.
Dan Kaplan
Oct 2025
|
5 min read
Red Hat GitLab instance breach analysis with thumbnail of code on a laptop.

Red Hat’s GitLab Breach and the Cost of Embedded Credentials

The incident shows how repositories double as inadvertent credential stores, extending risk from vendors into customer environments.
Dan Kaplan
Oct 2025
|
3 min read
The Evolution Toward Agentic AI

From Chatbots to Agents: The Evolution Toward Agentic AI

From rule-based chatbots to autonomous agentic AI, we’ve come a long way in past three decades.
Dan Kaplan
Oct 2025
|
8 min read
Are you suffering from credentialitis with doctor asking.

We’ve Identified a New IT Ailment. It’s Called Credentialitis – And It’s Spreading Fast

Credentialitis isn’t just a clever name. It’s a real condition plaguing modern IT teams. Dr. Seymour Keys is here to walk you through the symptoms, the screening, and the treatment.
Dan Kaplan
Sep 2025
|
2 min read
Businessperson interacting with CRM data.

When Salesforce Becomes a De Facto Credential Repository: Lessons from the Drift OAuth Breach

This malicious campaign demonstrates how long-lived token theft can become the first step in a much broader breach.
Dan Kaplan
Aug 2025
|
3 min read
Vault with a warning sign superimposed.

Vault Fault: Secrets Managers and the Limits of Centralized Trust

Recent flaws in Conjur and Vault highlight the risks of concentrating trust in a single repository – and why workload IAM may offer a more resilient path forward.
Dan Kaplan
Aug 2025
|
3 min read
Load More