The security team said yes: How a $300B investment firm deployed Claude agents across the enterprise →

TRY AEMBIT
TALK TO AN ENGINEER
Blog

Author: Kevin Sapp

Gartner’s Workload IAM Architecture Is a Big Step Forward for AI Agent Security

The global research and advisory firm is pushing the industry toward a more practical model for securing AI agents and non-human access.
Kevin Sapp
May 2026
|
8 min read
Securing CI CD Pipelines With Workload Identity Federation

Securing CI/CD Pipelines with Workload Identity Federation

Pipeline breaches keep repeating because static credentials persist. Identity federation replaces stored secrets with runtime tokens.
Kevin Sapp
Apr 2026
|
6 min read

Key Takeaways on Non-Human Identity Security from Gartner’s PAM Report

Gartner’s 2025 PAM Magic Quadrant names machines a core market concern. That shift changes the map for NHI security and workload IAM.
Kevin Sapp
Apr 2026
|
6 min read
MCP OAuth 21 PKCE and the future of AI authorization

MCP, OAuth 2.1, PKCE, and the Future of AI Authorization

The MCP authorization spec sets a new standard for securing non-human AI agents – with lessons for anyone building autonomous, scalable systems.
Kevin Sapp
May 2025
|
7 min read
Human brain and AI brain

Self-Assembling AI and the Security Gaps It Leaves Behind

Instead of running static workflows, agents are building the system for you, deciding how to connect tools and take action on the fly.
Kevin Sapp
May 2025
|
5 min read
Image of major highway artery.

Why Scalability Matters in Non-Human Identity and Access Management

From dynamic workloads to API-driven systems, managing non-human identities requires a new approach to security at scale.
Kevin Sapp
Jan 2025
|
6 min read
header image depicting Aembit QuickStart guide

Secure Workload Access in Minutes with Aembit’s New QuickStart Guide

This step-by-step resource helps you deploy workloads, configure policies, and explore Aembit’s approach to securing non-human identities.
Kevin Sapp
Nov 2024
|
3 min read
malicious hacker carrying anonymous mask looking at servers

How to Defend Non-Human Identities from Infostealers

The identity layer’s most insidious threat is now setting its sights on a different group of targets. Here’s how to be ready.
Kevin Sapp
Nov 2024
|
4 min read
Open Letter to API Vendors

Dear API Vendors: Use Secure Authentication, Ditch API Keys

As the demand for API access continues to grow, so does the urgency of adopting more secure authentication methods.
Kevin Sapp
May 2024
|
3 min read
spiffe-and-spire-your-questions-answered

SPIFFE and SPIRE: Your Questions Answered

Explore how the specifications impact secrets management and workload identity and access management practices across distributed environments.
Kevin Sapp
Oct 2023
|
7 min read
Load More