Aembit

Ready to get your read on? 🗞️ This month’s newsletter covers the attack everyone’s talking about, the event you’ll want a seat for, and the agentic identity basics you need to know now.

Most of the damage in cloud incidents doesn’t come from who the workload is – it comes from what it’s allowed to reach. 🔑 That risk gets amplified when AI agents start chaining actions across environments. The post breaks down why 𝘄𝗼𝗿𝗸𝗹𝗼𝗮𝗱 𝗮𝗰𝗰𝗲𝘀𝘀 𝗺𝗮𝗻𝗮𝗴𝗲𝗺𝗲𝗻𝘁 has become the real control point for containment. Identity confirms the workload is legitimate, but access defines the reach. When that reach is too broad, even routine activity can turn into exposure. Read the post for a full explainer ➡️ https://aemb.it/49wr5FE

🎤 The 2025 Cloud Security Alliance #Pitchapalooza pitches, including from our Co-Founder & CEO David Goldschlag, begin in less than 10 minutes! Join for free: https://aemb.it/47EgSFH

Hear from the CSA Pitchapalooza Top 4 Finalists: Aembit, Hopper Security, Zenity, and Adversa AI 9 am PT on Thursday, November 20!

𝗔𝗜-𝗢𝗿𝗰𝗵𝗲𝘀𝘁𝗿𝗮𝘁𝗲𝗱 𝗔𝘁𝘁𝗮𝗰𝗸:⚠️ Anthropic has published the details of a recent attack in which a single agent carried out most of the operation, which targeted high-profile enterprises. The techniques were the familiar building blocks of an intrusion – reconnaissance, exploit generation, credential reuse, and privilege escalation – but what changed was the pace and continuity of the activity (which the investigators described as “impossible for a human to match") as well as the way the agent advanced once it was given usable credentials and a series of tasks that hid their broader intent. Agentic AI is further proof that what truly determines how far an intruder can go is the 𝘪𝘥𝘦𝘯𝘵𝘪𝘵𝘺 𝘪𝘵 𝘩𝘰𝘭𝘥𝘴 𝘢𝘯𝘥 𝘵𝘩𝘦 𝘢𝘤𝘤𝘦𝘴𝘴 𝘪𝘵 𝘪𝘯𝘩𝘦𝘳𝘪𝘵𝘴, not the code it runs. This holds especially true for autonomous actors. We put together a concise review of the case and the identity security practices that would have limited its reach ➡️ https://aemb.it/3XIBtmd

“𝗜𝗳 𝘄𝗲’𝗿𝗲 𝗴𝗼𝗶𝗻𝗴 𝘁𝗼 𝗵𝗮𝘃𝗲 𝗮𝗻 𝗔𝗜 𝗮𝗴𝗲𝗻𝘁 𝗴𝗼 𝗶𝗻𝘁𝗼 𝗮 𝗰𝘂𝘀𝘁𝗼𝗺𝗲𝗿 𝗲𝗻𝘃𝗶𝗿𝗼𝗻𝗺𝗲𝗻𝘁, 𝘄𝗲 𝘄𝗮𝗻𝘁 𝘁𝗼 𝗺𝗮𝗸𝗲 𝘀𝘂𝗿𝗲 𝘁𝗵𝗮𝘁’𝘀 𝗮 𝗵𝗶𝗴𝗵𝗹𝘆 𝘀𝗲𝗰𝘂𝗿𝗲𝗱 𝗔𝗜 𝗮𝗴𝗲𝗻𝘁 𝗳𝗿𝗼𝗺 𝗲𝘃𝗲𝗿𝘆 𝗮𝗻𝗴𝗹𝗲 𝗽𝗼𝘀𝘀𝗶𝗯𝗹𝗲...𝗧𝗵𝗮𝗻𝗸𝗳𝘂𝗹𝗹𝘆 𝘄𝗲 𝗰𝗮𝗻 𝘀𝗲𝗰𝘂𝗿𝗲 𝗮𝗹𝗹 𝘁𝗵𝗼𝘀𝗲 𝗔𝗜 𝘄𝗼𝗿𝗸𝗹𝗼𝗮𝗱𝘀 𝘄𝗶𝘁𝗵 𝗔𝗲𝗺𝗯𝗶𝘁.” Dan L., founder of Red Cup IT, wants his AI agents to do more than observe – he wants them to take action in customer environments, resolving problems automatically without disruption. That requires a way to trust every connection and control what each agent can do. In this short success story 📹 👇, Le shares how his California-based MSP uses Aembit to secure agentic AI in practice, giving each agent a clear identity, measurable access, and the accountability needed to operate safely at scale. Full video link: https://aemb.it/4nYr9Bl

If you want a clear read on where identity risk is actually heading, this new report from Rubrik Zero Labs offers a snapshot of what enterprise teams are dealing with: • 58% of respondents expect that within a year, half or more of the attacks they face will be driven by agentic AI. • 90% say identity-based attacks are now their single biggest threat. • 87% are changing IAM providers or already underway – a suggestive sign of IAM tilting hard toward agentic and workload identities, not just people. You can read the full report here (PDF) 👉 https://aemb.it/4i5iThx

⏰ 𝗟𝗮𝘀𝘁 𝗖𝗮𝗹𝗹 𝗳𝗼𝗿 𝗦𝗽𝗲𝗮𝗸𝗲𝗿𝘀: Time is officially running out to submit a talk for the second-annual #NHIcon happening Jan. 27. If you're doing meaningful work at the intersection of security and AI – especially around agentic software and identities – we want to hear from you! We've extended the deadline to submit to 11:59 p.m. ET on Monday 👉 https://aemb.it/4hwSpFp

𝗕𝗜𝗚 𝗨𝗣𝗗𝗔𝗧𝗘: We’re incredibly excited to share that Aembit has been selected as a finalist for Cloud Security Alliance's 🚀 Startup Pitchapalooza 2025. Our live pitch next week is an opportunity to show how IAM for agentic AI and workloads can address a problem that’s becoming impossible for security teams to ignore. 🙏 So appreciative that the CSA CISO community deemed us worthy of the shortlist. And congratulations to Adversa AI, Hopper Security, and Zenity – strong company to be in. 𝗧𝗵𝗲 𝗹𝗶𝘃𝗲 𝗽𝗶𝘁𝗰𝗵𝗲𝘀 𝘁𝗮𝗸𝗲 𝗽𝗹𝗮𝗰𝗲 𝗮𝘁 𝘁𝗵𝗲 𝗖𝗦𝗔 𝗖𝘅𝗢 𝗧𝗿𝘂𝘀𝘁 𝗩𝗶𝗿𝘁𝘂𝗮𝗹 𝗦𝘂𝗺𝗺𝗶𝘁 𝗶𝗻 𝗼𝗻𝗲 𝘄𝗲𝗲𝗸, 𝗼𝗻 𝗡𝗼𝘃. 𝟮𝟬 𝗮𝘁 𝟵 𝗮.𝗺. 𝗣𝗧. If you want a look at the work that’s genuinely moving security forward, you'll definitely want to tune in. You can register here: https://aemb.it/47EgSFH

[𝗖𝗛𝗘𝗔𝗧 𝗦𝗛𝗘𝗘𝗧] Every organization adopting AI agents tends to hit the same wall eventually: unclear identity boundaries and access sprawl. Our 𝘈𝘨𝘦𝘯𝘵𝘪𝘤 𝘈𝘐 𝘐𝘥𝘦𝘯𝘵𝘪𝘵𝘺 101 📥 cheat sheet breaks down what to fix before that happens – a timeline of how we got here, 10 core definitions to know, the risks most teams overlook, and the practical controls that actually work in production. 🗒 It’s a quick reference worth saving if you’re mapping how to secure agentic systems before they outgrow your current IAM model. Browse it below or here ➡️ https://aemb.it/3JYWMgb