New independent research: Most enterprises aren’t fully ready to secure autonomous AI agents →

TRY AEMBIT
TALK TO AN ENGINEER
Blog
Blog
Blog
X

Blog

Category: Best Practices

MCP Server Communications

Securing MCP Server Communications: Beyond Authentication

Securing MCP servers requires rethinking the entire communication stack, not just adding TLS and calling it done.
Ashur Kanoon
Nov 2025
|
6 min read
2 legged vs 3 legged OAuth

2-Legged vs 3-Legged OAuth: Which Flow Fits Your Use Case?

Choosing the right flow is only the beginning. The real challenge is implementing either flow without creating persistent credential vulnerabilities that undermine your security.
Ashur Kanoon
Oct 2025
|
6 min read
OAuth vs OIDC

OAuth vs. OIDC: What’s the Difference and When Should You Use Each?

OAuth 2.0 and OIDC solve fundamentally different problems.
Ashur Kanoon
Oct 2025
|
5 min read
MCP Server Access

Auditing MCP Server Access and Usage

The dynamic nature of MCP makes a lack of visibility dangerous, as attackers can exploit complex workflows and ephemeral infrastructure to hide malicious activity.
Ashur Kanoon
Oct 2025
|
6 min read
Secrets Sprawl is Killing DevOps Speed — Here's How to Fix It

Secrets Sprawl is Killing DevOps Speed – Here’s How to Fix It

Secrets sprawl forces developers into constant rework while leaving organizations exposed to the exact security risks they’re trying to prevent.
Dan Kaplan
Oct 2025
|
5 min read
Simplifying IAM Migrations: Lessons for Hybrid Enterprises

Simplifying IAM Migrations: Lessons for Hybrid Enterprises

IAM migrations stall in hybrid enterprises due to massive on-prem Active Directory (AD) deployments, budget and regional constraints, and a lack of alignment among development, DevOps, and security teams.
Ashur Kanoon
Oct 2025
|
6 min read

Configuring an MCP Server with Auth0 as the Authorization Server

A practical walkthrough of the Auth0 settings and tweaks you’ll need to get an MCP server working smoothly with real-world clients like Claude.
Victor Ronin
Sep 2025
|
4 min read
Securing AI Agents and LLM Workflows Without Secrets

Securing AI Agents Without Static Credentials

AI agents face unique risks from static API keys and prompt injection. Learn why workload identity eliminates credentials for LLM workflows.
Ashur Kanoon
Sep 2025
|
5 min read
Dynamic Authorization vs. Static Secrets

Dynamic Authorization vs. Static Secrets: Rethinking Cloud Access Controls

Learn why static secrets fail in modern environments and how to implement dynamic authorization.
Dan Kaplan
Aug 2025
|
6 min read
machine iam and workload iam

Why Fragmented Machine IAM Is Failing (and What Workload IAM Gets Right)

If your workloads could talk, they’d probably ask for better IAM.
Ashur Kanoon
Jul 2025
|
6 min read
Load More