New independent research: Most enterprises aren’t fully ready to secure autonomous AI agents →

TRY AEMBIT
TALK TO AN ENGINEER
Blog
Blog
Blog
X

Blog

Tag: Access

Businessperson interacting with CRM data.

When Salesforce Becomes a De Facto Credential Repository: Lessons from the Drift OAuth Breach

This malicious campaign demonstrates how long-lived token theft can become the first step in a much broader breach.
Dan Kaplan
Aug 2025
|
3 min read
Workload identity vs. workload access management

Workload Identity vs. Workload Access Management: Securing Cloud-Native Workloads in a Dynamic Environment

Understanding the distinction is essential for implementing Zero Trust.
Dan Kaplan
Aug 2025
|
5 min read
Dynamic Authorization vs. Static Secrets

Dynamic Authorization vs. Static Secrets: Rethinking Cloud Access Controls

Learn why static secrets fail in modern environments and how to implement dynamic authorization.
Dan Kaplan
Aug 2025
|
6 min read
What Identity Federation Means for Workloads

What Identity Federation Means for Workloads in Cloud-Native Environments

Learn how federation works for non-human identities, where legacy models fall short, and how to implement a secure, scalable solution.
Dan Kaplan
Aug 2025
|
7 min read
Man typing code.

What the xAI Key Leak Teaches Us About Secrets – And How to Fix Them

One careless push unlocked 52 AI models, but the real story is how to keep this from happening again.
Apurva Davé
Jul 2025
|
3 min read
Inside Snowflake's NHI Security Playbook.

The Story Behind Snowflake’s Push to Rein in Non-Human Identities

After locking down workforce identity, Snowflake’s security team took on the harder problem – controlling non-human access at scale without slowing teams down.
Dan Kaplan
Jul 2025
|
4 min read
key management solutions

Key Management Solutions for Non-Human Identities in the Cloud

Learn how leading enterprises manage access keys for non-human cloud workloads, reduce credential risks, and move beyond traditional key management.
Apurva Davé
Jun 2025
|
9 min read
Introducing Workload IAM for Microsoft Environments.

Introducing Comprehensive Workload Identity and Access Management Across Microsoft Environments

With Aembit, you can secure Microsoft workloads – wherever they run – using short-lived credentials, posture-aware policies, and no-code credential injection.
Ashur Kanoon
Jun 2025
|
5 min read

What Kind of Identity Should Your AI Agent Have?

AI agents don’t neatly fit into your IAM chart. They switch roles, borrow authority, and rewrite what identity means at runtime. Here’s what that means for you.
Apurva Davé
May 2025
|
7 min read
MCP OAuth 21 PKCE and the future of AI authorization

MCP, OAuth 2.1, PKCE, and the Future of AI Authorization

The MCP authorization spec sets a new standard for securing non-human AI agents – with lessons for anyone building autonomous, scalable systems.
Kevin Sapp
May 2025
|
7 min read
Load More