The security team said yes: How a $300B investment firm deployed Claude agents across the enterprise →

TRY AEMBIT
TALK TO AN ENGINEER
Blog

Tag: Authentication

How to Build an MCP Server — and What to Do Before You Ship It

How To Create an MCP Server To Connect Your App With LLMs

You can stand up an MCP server in minutes, but controlling how it authenticates and what it can access is where the real work begins.
Aembit Engineering
Apr 2026
|
8 min read
encryption keys vs access keys

Managing Encryption Keys vs. Access Keys

Modern infrastructure depends on keys: encryption and access. They’re not the same, and treating them the same quietly introduces risk.
Dan Kaplan
Apr 2026
|
6 min read
Connected workloads

8 Workload Authentication Methods for Nonhuman Identities

Every workload that calls an API has to prove it belongs. How that proof gets exchanged shapes the blast radius of any credential leak.
Victor Ronin
Apr 2026
|
7 min read
API Keys vs. JWTs: Choosing the Right Auth Method for Your API

API Keys vs. JWTs: Choosing the Right Auth Method for Your API

Not all credentials are created equal. Compare API keys and JWTs across security, scalability, and fit for modern workload authentication.
Ashur Kanoon
Apr 2026
|
5 min read
MCP Threat Modeling: Understanding the Attack Surface

MCP Threat Modeling: Understanding the Attack Surface

MCP gives AI agents a common language for action—but also a new attack surface. Here’s how to model threats before they become incidents.
Apurva Davé
Apr 2026
|
6 min read
Workload IAM vs. Secrets Managers header image with person keeping a secret

Workload IAM vs. Secrets Management: A Practical Decision Guide

Most organizations start their nonhuman identity security program with a secrets manager. It’s a sensible first step. But as workloads multiply across clouds and the credential sprawl grows, the question shifts from “where do we store secrets?” to “do we need secrets at all?”
Dan Kaplan
Mar 2026
|
6 min read
Aembit + Netskope Partnership

Announcing the Aembit + Netskope Partnership for Agentic AI Security

By combining identity-based access control with content inspection, this closes a gap most teams are still trying to manage with separate tools and after-the-fact controls.
Emma Zaballos
Mar 2026
|
5 min read
JWT vs. OAuth

JWT vs. OAuth: Understanding Tokens and Authorization

OAuth is an authorization framework that defines how to grant access. JWT is a token format that defines how to package and transmit claims. They solve different problems, and most production systems use both.
Ashur Kanoon
Mar 2026
|
6 min read
secret remediation best practices

Secret Remediation Best Practices: A Step-by-Step Guide

Secret remediation is the process of responding to an exposed credential by revoking it, rotating it and removing every trace of it from your environment.
Apurva Davé
Mar 2026
|
6 min read
Agentic AI Needs Guardrails

Agentic AI Guardrails: What They Are and How to Implement Them

Agentic AI guardrails are the technical controls, policy frameworks, and oversight mechanisms that define what an AI agent can do, what it can access and when it needs to stop and ask a human.
Dan Kaplan
Mar 2026
|
6 min read
Load More