The security team said yes: How a $300B deployed Claude agents across the enterprise →

TRY AEMBIT
TALK TO AN ENGINEER
Blog

Tag: Secrets

Secrets figuratively spilling out of LexisNexis.

How a Single Overprivileged Service Turned the LexisNexis Breach Into a Keys-to-the-Kingdom Moment

Details shared by the attacker suggest the intrusion expanded beyond the initial application through permissions that allowed access to dozens of internal credentials.
Dan Kaplan
Mar 2026
|
3 min read

Aembit Connects AI and Workload Access to AWS Secrets Manager

Aembit’s AWS Secrets Manager integration makes it easier to protect AI and workload access today – and evolve toward short-lived, policy-driven authentication.
Ashur Kanoon
Oct 2025
|
4 min read
Secrets Sprawl is Killing DevOps Speed — Here's How to Fix It

Secrets Sprawl is Killing DevOps Speed – Here’s How to Fix It

Secrets sprawl forces developers into constant rework while leaving organizations exposed to the exact security risks they’re trying to prevent.
Dan Kaplan
Oct 2025
|
5 min read
Red Hat GitLab instance breach analysis with thumbnail of code on a laptop.

Red Hat’s GitLab Breach and the Cost of Embedded Credentials

The incident shows how repositories double as inadvertent credential stores, extending risk from vendors into customer environments.
Dan Kaplan
Oct 2025
|
3 min read
Why Hybrid Windows Security Fails

Why Hybrid Windows Environments are Still a Security Blind Spot

Most enterprises struggle with hybrid Windows security gaps. Discover workload identity federation and conditional access to eliminate blind spots.
Ashur Kanoon
Sep 2025
|
5 min read
Are you suffering from credentialitis with doctor asking.

We’ve Identified a New IT Ailment. It’s Called Credentialitis – And It’s Spreading Fast

Credentialitis isn’t just a clever name. It’s a real condition plaguing modern IT teams. Dr. Seymour Keys is here to walk you through the symptoms, the screening, and the treatment.
Dan Kaplan
Sep 2025
|
2 min read
Cloud Posture Tools Miss This Critical IAM Risk (Attackers Don't)

Cloud Posture Tools Don’t Catch This IAM Risk (But Attackers Will)

CSPM platforms excel at configuration analysis but miss dynamic credential lifecycle risks in workload identities. Learn how attackers exploit this blind spot.
Ashur Kanoon
Sep 2025
|
4 min read
Securing AI Agents and LLM Workflows Without Secrets

Securing AI Agents Without Static Credentials

AI agents face unique risks from static API keys and prompt injection. Learn why workload identity eliminates credentials for LLM workflows.
Ashur Kanoon
Sep 2025
|
5 min read
Announcing GitLab CLM.

Aembit Introduces GitLab Credential Lifecycle Management and GitLab Component

Say goodbye to long-lived personal access tokens as you replace them with ephemeral, policy-driven credentials and automated service account management.
Ashur Kanoon
Aug 2025
|
7 min read
Dynamic Authorization vs. Static Secrets

Dynamic Authorization vs. Static Secrets: Rethinking Cloud Access Controls

Learn why static secrets fail in modern environments and how to implement dynamic authorization.
Dan Kaplan
Aug 2025
|
6 min read
Load More