Welcome to NHICon 2025!
Aembit Co-Founder & CEO David Goldschlag and moderator Dan Kaplan kick off NHIcon 2025 – a full day of conversation, collaboration, and ideas on non-human identity and agentic AI security.
Kevin Mandia on the Emerging Threats of Agentic AI, Non-Human Identity, and Beyond | NHIcon 2025
Drawing on decades of frontline experience and expertise in threat intelligence and incident response, Kevin Mandia spotlights the trends and challenges destined to shape cybersecurity in 2025. As automation, modern software practices, and complex cloud environments accelerate, he’ll zero in on two emerging threats: safeguarding AI-driven technologies and managing the escalating risks tied to non-human identities – machine identities, service accounts, and workload credentials increasingly implicated in breaches.
About Aembit
Aembit is the non-human identity and access management platform that secures access between workloads across clouds, SaaS, and data centers. With Aembit’s identity control plane, DevSecOps can fully automate secretless, policy-based, and Zero Trust workload access with MFA-strength capabilities.
📔
Get more Aembit!
Website: https://www.aembit.io/
LinkedIn: https://www.linkedin.com/company/aembit/
LLMjacking Exposed: How Attackers Hijack Agentic AI Models | NHIcon 2025
AI misuse ranks high on cybersecurity forecasts for 2025, and for good reason. This session explores LLMjacking, a newly identified threat by the Sysdig Threat Research Team, showcasing how attackers exploit large language models to bolster their malicious activities. After we discuss the details of this real-world threat, attendees will witness a live demonstration of prompt injection, where an LLM is manipulated into executing malicious code.
About Aembit
Aembit is the non-human identity and access management platform that secures access between workloads across clouds, SaaS, and data centers. With Aembit’s identity control plane, DevSecOps can fully automate secretless, policy-based, and Zero Trust workload access with MFA-strength capabilities.
📔
Get more Aembit!
Website: https://www.aembit.io/
LinkedIn: https://www.linkedin.com/company/aembit/
Enhancing Identity Standards for Non-Human Identities in Modern Systems | NHIcon2025
Non-human identities (NHIs) – from APIs to AI agents – are essential to modern enterprises, yet they do not map well to traditional identity models. Directories and joiner-mover-leaver workflows were never designed for ephemeral, dynamic NHIs, leaving a gap in both scalability and security. In this session, we’ll explore why NHIs don’t fit neatly into existing standards and how enhancing frameworks like SPIFFE and WIMSE, as well as new credential standards like SPICE, is crucial for managing their unique demands. Heather Flanagan, executive director and principal editor of IDPro, talks about the risks of token sprawl, the need for dynamic provisioning, and strategies to unify IAM, DevOps, and security teams around NHI challenges.
About Aembit
Aembit is the non-human identity and access management platform that secures access between workloads across clouds, SaaS, and data centers. With Aembit’s identity control plane, DevSecOps can fully automate secretless, policy-based, and Zero Trust workload access with MFA-strength capabilities.
📔
Get more Aembit!
Website: https://www.aembit.io/
LinkedIn: https://www.linkedin.com/company/aembit/
CISOs' Perspectives on the Business Risk of NHIs
Top security leaders from across industries will discuss the emerging risks associated with non-human identities, including the exposure of credentials and secrets. The conversation will focus on how CISOs can bring NHIs into risk management and compliance frameworks, prioritize them alongside human identities, assign ownership within the business, and address the strategic gaps that can leave organizations vulnerable.
Securing Non-Human Identity: A Personal Journey With Ed Amoroso | NHIcon 2025
Former AT&T CISO Ed Amoroso leans on decades of experience to share what enterprise CISOs are prioritizing (and what they aren’t) with their identity access infrastructure.
About Aembit
Aembit is the non-human identity and access management platform that secures access between workloads across clouds, SaaS, and data centers. With Aembit’s identity control plane, DevSecOps can fully automate secretless, policy-based, and Zero Trust workload access with MFA-strength capabilities.
📔
Get more Aembit!
Website: https://www.aembit.io/
LinkedIn: https://www.linkedin.com/company/aembit/
Dr. Seymour Keys Introduces Credentialitis, the Secrets Ailment Plaguing Security and DevOps
Dr. Seymour Keys (not a real doctor) has seen it all – hard-coded credentials, endless key rotations, and secrets buried in every corner of a pipeline. Doctors of identity security call it Credentialitis.
Here he traces the symptoms, the complications, and why untreated cases keep security and DevOps teams up at night. The good news? Like any condition, awareness is the first step toward recovery.
Watch him provide an intro into this modern ailment, then decide for yourself whether it’s time to schedule a check-up at https://aemb.it/Credentialitis.
About Aembit
Aembit is the non-human identity and access management platform that secures access between workloads and AI agents across clouds, SaaS, and data centers. With Aembit’s identity control plane, DevSecOps can fully automate secretless, policy-based, and Zero Trust workload access with MFA-strength capabilities.
📔
Get more Aembit!
Website: https://www.aembit.io/
LinkedIn: https://www.linkedin.com/company/aembit
[Demo] Splunk Direct Integration With Aembit via HTTP Event Collector
In this walkthrough, we show how Aembit’s new Splunk direct integration works using the HTTP Event Collector (HEC).
You’ll learn how to:
• Configure Splunk with your Aembit tenant and token.
• Push audit logs and other event types directly into Splunk.
• Build Splunk dashboards to track workloads, connections, and potential account compromises.
• Continue using S3 and Google Cloud bucket options if preferred
Aembit makes it simple to centralize workload identity and access data in your SIEM or SOAR while still providing a powerful built-in dashboard.
About Aembit
Aembit is the non-human identity and access management platform that secures access between workloads across clouds, SaaS, and data centers. With Aembit’s identity control plane, DevSecOps can fully automate secretless, policy-based, and Zero Trust workload access with MFA-strength capabilities.
📔
Get more Aembit!
Website: https://www.aembit.io/
LinkedIn: https://www.linkedin.com/company/aembit/
Zero Trust for Non-Human Identities: A Cloud-First Approach | NHIcon 2025
Cloud-first environments bring speed and scalability – but they also amplify the risks associated with non-human identities like service accounts, API keys, and workloads. In this keynote, Talha Tariq will demonstrate how applying zero-trust principles can address these challenges head-on. Drawing from HashiCorp’s security strategy, he’ll reveal practical approaches to automating secrets management, implementing just-in-time access, and curbing credential sprawl. Attendees will gain a clear roadmap to strengthen their security posture while maintaining the agility needed for modern innovation.
About Aembit
Aembit is the non-human identity and access management platform that secures access between workloads across clouds, SaaS, and data centers. With Aembit’s identity control plane, DevSecOps can fully automate secretless, policy-based, and Zero Trust workload access with MFA-strength capabilities.
📔
Get more Aembit!
Website: https://www.aembit.io/
LinkedIn: https://www.linkedin.com/company/aembit/
Get the most out of the Aembit and upskill your secure workload know-how with our our interactive sessions.
Get the most out of the Aembit and upskill your secure workload know-how with our our interactive sessions.
