Resources Archives

Infographic showing five layers of workload identity architecture, comparing a narrowly scoped homegrown approach with a production-grade stack across proxying, trust attestation, policy enforcement, integration management, and operational reliability.

Aembit vs. DIY Workload Identity and Access: What Breaks at Scale

Ashur Kanoon | May 26, 2026 | access, Agentic AI, Resources, Workload Identity

10 min readModern infrastructure runs on workloads: microservices, data pipelines, CI/CD jobs, serverless functions, containers, and increasingly, autonomous AI agents. Every one of these workloads needs to authenticate to something, whether a ...

Aembit

Introducing the Identity and Access Gaps in the Age of Autonomous AI Survey Report

Dan Kaplan | March 24, 2026 | Agentic AI, Announcements, Resources

2 min readThe Trivy incident exposed a credential architecture failure, not just a supply chain one. Here’s the case for workload identity and access. The post Introducing the Identity and Access Gaps ...

Aembit

Agentic AI Security Starter Kit: Where Autonomous Systems Fail and How to Defend Against It

Dan Kaplan | February 11, 2026 | Resources

4 min readMany teams are approaching agentic AI with a mixture of interest and unease. Senior leaders see clear potential for efficiency and scale. Builders see an opportunity to remove friction from ...

Aembit

We’ve Identified a New IT Ailment. It’s Called Credentialitis – And It’s Spreading Fast

Dan Kaplan | September 10, 2025 | AI Workloads, Announcements, Resources, Secrets

2 min readCredentialitis isn’t just a clever name. It’s a real condition plaguing modern IT teams. Dr. Seymour Keys is here to walk you through the symptoms, the screening, and the treatment ...

Aembit

The Definitive Catch-Up Guide to Agentic AI Authentication

Victor Ronin | July 10, 2025 | AI, Authentication, Resources, workloads

11 min readA down-to-earth primer to help engineers make sense of agentic AI architecture and where things stand today. The post The Definitive Catch-Up Guide to Agentic AI Authentication appeared first on ...

Aembit

eSkimming Security – Driving Bottom Line Results through Fraud Reduction and Revenue Maximization

Scott Fiesel | May 27, 2025 | Blog, eskimming, Magecart, Resources

by Source Defense Even with the PCI DSS 4.0 deadline now behind us, many organizations are still exposed to costly eSkimming threats and compliance gaps. Source Defense recently hosted a webinar to ...

Blog | Source Defense

Revenue Risk Hidden in Fly by Night New eSkimming Tools

Scott Fiesel | May 19, 2025 | Blog, eskimming, Magecart, Resources

by Source Defense Don’t Trust Your Online Revenue Channel to Sub-par Solutions for eSkimming Security (Beware the big box “me too” solutions) As PCI DSS 4.0.1 enforcement has driven demand for eSkimming ...

Blog | Source Defense

New Breed of Magecart: GTMs Working Together, JavaScript Hidden in CSS

Scott Fiesel | May 6, 2025 | Blog, csp, eskimming, Magecart, Resources, SRI

by Source Defense The Source Defense Research team has uncovered another active eSkimming campaign which demonstrates the use of novel techniques, and an increasing adversarial focus on attacking websites with techniques that ...

Blog | Source Defense

What QSAs Are Saying About PCI DSS 4.0.1 and eSkimming Controls

Scott Fiesel | April 29, 2025 | Blog, csp, eskimming, Magecart, Resources, SRI

by Source Defense On a recent Source Defense roundtable, seasoned QSAs gathered to discuss the latest PCI DSS 4.0.1 updates—specifically requirements 6.4.3 and 11.6.1—and how organizations should respond. What followed was a ...

Blog | Source Defense

Client-Side Security Breach Alert: Blue Shield of California Exposes 4.7 Million Members’ Health Data Through Web Analytics Configuration

Scott Fiesel | April 24, 2025 | Blog, csp, eskimming, Magecart, Resources, SRI

by Source Defense A recent incident at Blue Shield of California highlights the critical importance of client-side security controls when implementing third-party scripts on healthcare websites. The nonprofit health plan has disclosed ...

Blog | Source Defense

Resources

Aembit vs. DIY Workload Identity and Access: What Breaks at Scale

Introducing the Identity and Access Gaps in the Age of Autonomous AI Survey Report

Agentic AI Security Starter Kit: Where Autonomous Systems Fail and How to Defend Against It

We’ve Identified a New IT Ailment. It’s Called Credentialitis – And It’s Spreading Fast

The Definitive Catch-Up Guide to Agentic AI Authentication

eSkimming Security – Driving Bottom Line Results through Fraud Reduction and Revenue Maximization

Revenue Risk Hidden in Fly by Night New eSkimming Tools

New Breed of Magecart: GTMs Working Together, JavaScript Hidden in CSS

What QSAs Are Saying About PCI DSS 4.0.1 and eSkimming Controls

Client-Side Security Breach Alert: Blue Shield of California Exposes 4.7 Million Members’ Health Data Through Web Analytics Configuration

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On