Meet Aembit IAM for Agentic AI. See what’s possible →

TRY AEMBIT
TALK TO AN ENGINEER

Blog

Breach Analysis

Agents Aren’t People: What the ServiceNow Vulnerability Reveals About Agentic AI Access Control

Dan Kaplan Jan 2026 | 3 min read
Man working on laptop with ServiceNow software running.

3 min readEnterprise security teams are beginning to encounter a category of access failure that feels unfamiliar only because its consequences arrive faster than expected.  Systems that once required multiple steps, approvals, or manual intervention are now able to act continuously, across tools, and with little friction. In that environment, long-tolerated identity shortcuts, such as shared credentials […]

A ServiceNow impersonation flaw illustrates how agentic systems turn weak identity assumptions into durable access paths across enterprise environments.
Dig in
Product Updates

Announcing Aembit IAM for Agentic AI

Apurva Davé Oct 2025 | 7 min read
Best Practices

Securing AI Agents and LLM Workflows Without Secrets

Ashur Kanoon Sep 2025 | 10 min read
Resources

The Definitive Catch-Up Guide to Agentic AI Authentication

Victor Ronin Jul 2025 | 11 min read

Discover More of What Matters to You

Recent Stories

Risks of Agentic AI

The Cybersecurity Risks of Agentic AI: What Security Teams Need to Know

Agentic AI introduces new cybersecurity risks, primarily concerning autonomous identity, tool chain exposure, and cascading compromises, requiring security teams to urgently adopt least-privilege identity frameworks and real-time monitoring designed specifically for self-directed, persistent workloads.
Apurva Davé
Jan 2026
|
7 min read
Catching Rogue Workloads and AI Agents

Anomaly Detection for Non-Human Identities: Catching Rogue Workloads and AI Agents

Traditional security models fail to detect compromised service accounts and non-deterministic AI agents, requiring a shift to layered, identity-aware behavioral monitoring.
Dan Kaplan
Jan 2026
|
8 min read
API Keys v OAuth

API Keys vs OAuth: Which API Authentication Method Is More Secure?

API keys offer simplicity, but OAuth provides superior security through automatic expiration and granular scopes.
Dan Kaplan
Jan 2026
|
6 min read
Aembit engineer Sebastian working on computers while looking at camera.

When the Vendor Becomes the Customer: Building Internal Tools on an Agentic IAM Platform

A project to improve test visibility meant using Aembit the same way customers do, in a real deployment environment where software runs unattended and requires trusted access to external services.
Dan Kaplan
Jan 2026
|
4 min read
MCP vs Traditional API Security

MCP vs. Traditional API Security: Key Differences

Securing MCP requires a fundamentally different approach than traditional API security.
Apurva Davé
Dec 2025
|
6 min read
Zero Trust 2026

Identity Over Network: Why 2026 Zero Trust Is About Who/What, Not Where

True zero trust requires verified identity at every request and eliminating static credentials entirely.
Dan Kaplan
Dec 2025
|
5 min read
Jenkins logo.

Aembit Adds Jenkins CI/CD Support

This update gives every Jenkins job a real identity and automated short-lived access so teams can retire static secrets without changing how their pipelines run.
Ashur Kanoon
Dec 2025
|
4 min read
CBAC for MCP Servers

Context-Based Access Control for MCP Servers: Why Static Rules Fail in Dynamic Environments

Traditional static access control is inadequate for dynamic MCP server environments. Context-Based Access Control (CBAC) provides superior security by evaluating identity, context, and resource in real-time.
Dan Kaplan
Dec 2025
|
6 min read
OAuth 2.0 vs 2.1

OAuth 2.0 vs 2.1: What’s Changed and Why It Matters for Developers

OAuth 2.1 eliminates implicit flow, mandates PKCE, and requires exact redirect matching.
Ashur Kanoon
Dec 2025
|
5 min read
JWT vs. OAuth

JWT vs. OAuth: Understanding the Roles of Tokens and Authorization

JWT and OAuth work together for robust authorization, especially in machine-to-machine communication.
Ashur Kanoon
Dec 2025
|
6 min read
CI/CD

The CI/CD Supply Chain Security Checklist (That Your Dev Team Will Actually Use)

Eliminate pipeline secrets, secure dependencies, and implement workload identity federation in 3 weeks.
Ashur Kanoon
Dec 2025
|
6 min read
What is Agentic AI

What Exactly Is Agentic AI (and Why It Matters Now)

Agentic AI systems act autonomously to achieve goals, planning multi-step tasks and adapting to changing conditions.
Apurva Davé
Nov 2025
|
5 min read
Load More

Ready to Try Workload IAM?

Get started in minutes, with no sales calls required. Our free- forever tier is just a click away.

Request a Demo