Meet Aembit IAM for Agentic AI. See what’s possible →

TRY AEMBIT
TALK TO AN ENGINEER
Blog
Blog
Blog
X

Blog

Tag: Access

Man working on laptop with ServiceNow software running.

Agents Aren’t People: What the ServiceNow Vulnerability Reveals About Agentic AI Access Control

A ServiceNow impersonation flaw illustrates how agentic systems turn weak identity assumptions into durable access paths across enterprise environments.
Dan Kaplan
Jan 2026
|
3 min read
Renee Guttmann joins Aembit as adviser.

Veteran CISO and Aembit Adviser Renee Guttmann on Guiding Security into the AI Age

From Coca-Cola to Campbell Soup, Renee Guttmann knows what lasts as security changes.
Dan Kaplan
Nov 2025
|
4 min read
Attestation-based identity

​​Attestation-Based Identity: How It Works and Why It Matters

Instead of just trusting the token’s signature, attestation-based identity adds an extra layer of security.
Ashur Kanoon
Oct 2025
|
7 min read
OAuth vs OIDC

OAuth vs. OIDC: What’s the Difference and When Should You Use Each?

OAuth 2.0 and OIDC solve fundamentally different problems.
Ashur Kanoon
Oct 2025
|
5 min read
Securing Workloads with Conditional Access

Securing Workloads with Conditional Access: The Future of Dynamic Access Control

Conditional access enhances security and reduces the attack surface without adding friction.
Ashur Kanoon
Oct 2025
|
4 min read

Configuring an MCP Server with Auth0 as the Authorization Server

A practical walkthrough of the Auth0 settings and tweaks you’ll need to get an MCP server working smoothly with real-world clients like Claude.
Victor Ronin
Sep 2025
|
4 min read
Businessperson interacting with CRM data.

When Salesforce Becomes a De Facto Credential Repository: Lessons from the Drift OAuth Breach

This malicious campaign demonstrates how long-lived token theft can become the first step in a much broader breach.
Dan Kaplan
Aug 2025
|
3 min read
Workload identity vs. workload access management

Workload Identity vs. Workload Access Management: Securing Cloud-Native Workloads in a Dynamic Environment

Understanding the distinction is essential for implementing Zero Trust.
Dan Kaplan
Aug 2025
|
5 min read
Dynamic Authorization vs. Static Secrets

Dynamic Authorization vs. Static Secrets: Rethinking Cloud Access Controls

Learn why static secrets fail in modern environments and how to implement dynamic authorization.
Dan Kaplan
Aug 2025
|
6 min read
What Identity Federation Means for Workloads

What Identity Federation Means for Workloads in Cloud-Native Environments

Learn how federation works for non-human identities, where legacy models fall short, and how to implement a secure, scalable solution.
Dan Kaplan
Aug 2025
|
7 min read
Load More