The security team said yes: How a $300B investment firm deployed Claude agents across the enterprise →

TRY AEMBIT
TALK TO AN ENGINEER

<  BACK TO FULL GLOSSARY

Glossary Terms: S

A
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Y
Z

Security Token Service (STS)

IAM concepts
STS (such as AWS Security Token Service) is a cloud service that provides temporary, limited-privilege credentials for authenticated users or workloads. These tokens allow access to resources for a specific duration, reducing the need for long-term credentials and improving security.

Service Account Token

Identity types
A service account token is a credential used by service accounts (non-human identities) to authenticate with systems and services. These tokens are often used by applications or services running in environments like Kubernetes to access resources without human interaction.

Software Development Life Cycle (SDLC)

IT concepts
SDLC is a structured process for developing software, consisting of phases such as planning, designing, coding, testing, deploying, and maintaining. In IAM, the SDLC is critical for ensuring that identity and access controls are built securely into software products throughout their development.

Software Development Kit (SDK)

IT concepts
An SDK is a set of tools, libraries, and documentation that enables developers to build software applications for specific platforms or services. In IAM, SDKs are often provided by IAM solutions or cloud providers to allow seamless integration of identity and access management functionality into applications.

SPIFFE (Secure Production Identity Framework for Everyone)

IAM concepts
SPIFFE is an open-source framework for providing secure, cryptographic identities to services and workloads in dynamic, distributed systems like microservices. It defines standards for identity creation, verification, and lifecycle management across different cloud and infrastructure environments.

SPIRE (SPIFFE Runtime Environment)

IAM concepts
SPIRE is the production-grade implementation of the SPIFFE specification. It is a system that manages, issues, and verifies SPIFFE identities across distributed systems, ensuring workloads are properly authenticated within microservices environments.