service accounts

Diagram showing how Kerberos authentication works

RC4 in Active Directory: The silent risk that’s harder to find than you think

| | Active Directory, Authentication, Blog, identity security, ISPM, KERBEROS, NHI security, service accounts
RC4 is a legacy encryption algorithm that Kerberos has relied on for decades to secure authentication traffic in Active Directory (AD) environments. That’s about to change—whether your environment is ready or not.  ...
Blog – Silverfort
83% of Cloud Breaches Start with Identity, AI Agents Are About to Make it Worse

83% of Cloud Breaches Start with Identity, AI Agents Are About to Make it Worse

| | AI native security, Attack Surface, automated containment, automated response, CI-CD, cloud intrusions, cloud threat acceleration, credential stealer, Crypto miners, endpoint AI risk, exploitation window, GitHub PAT, Google Cloud Threat Horizons, H1 2026, identity compromise, identity governance, Kubernetes pivot, LLM misuse, LLM process monitoring, local LLM reconnaissance, Non-Human Identities, NPM supply chain, OIDC, privilege overprovisioning, process visibility, QUIETVAULT, service accounts, Threat Intelligence, UNC4899, UNC6426, vulnerability weaponization, zero trust
Summary of Google’s H1 2026 Cloud Threat Horizons findings arguing identity failures, weaponized local AI tooling, and collapsing exploitation windows require AI-native security architectures and automated identity governance ...
Security Boulevard
decentralized identity, data, authentication, security, systhetic identity fraud, user management CyberArk identity authentication biometricsidentity AMaaS identity fraud authentication Stealthbits

Why Attackers no Longer Need to Break in: The Rise of Identity-Based Attacks 

| | , anomaly detection, credential market, dark web, deepfakes, hardware keys, IAM inventory, identity perimeter, Identity Theft, least privilege, Machine Identities, mfa fatigue, Passkeys, Privileged access management, service accounts, Session hijacking, social engineering, stolen credentials, voice phishing, VPN credentials, zero trust
In 2026 stolen credentials and unmanaged machine identities drive breaches—small buys, phone scams, and weak IAM make identity the real perimeter; prioritize inventory, least privilege, and stronger auth ...
Security Boulevard

The Real Risk Behind Service Accounts (And Why Nobody’s Watching Them) 

| | Industry Insights, service accounts
6 min readWhile companies pour resources into securing employee accounts with MFA, zero trust and regular access reviews, service accounts still get created with static credentials, granted sweeping permissions and then left ...
Aembit
Aembit GitLab component screenshot.

Aembit Introduces GitLab Credential Lifecycle Management and GitLab Component

| | CI-CD, Product updates, Secrets, service accounts
7 min readSay goodbye to long-lived personal access tokens as you replace them with ephemeral, policy-driven credentials and automated service account management. The post Aembit Introduces GitLab Credential Lifecycle Management and GitLab ...
Aembit

What the xAI Key Leak Teaches Us About Secrets – And How to Fix Them

| | breach analysis, service accounts, snowflake, workloads
3 min readOne careless push unlocked 52 AI models, but the real story is how to keep this from happening again. The post What the xAI Key Leak Teaches Us About Secrets ...
Aembit
Snowflake-Aembit webinar.

The Story Behind Snowflake’s Push to Rein in Non-Human Identities

| | Best Practices, service accounts, snowflake, workloads, zFeatured
4 min readAfter locking down workforce identity, Snowflake’s security team took on the harder problem – controlling non-human access at scale without slowing teams down. The post The Story Behind Snowflake’s Push ...
Aembit
5 common exploits of NHIs.

5 Common Ways Non-Human Identities Are Exploited – and How to Secure Them

| | identities, Industry Insights, Secrets, service accounts
4 min readDiscover the emerging class of attacks involving software workloads and AI agents. The post 5 Common Ways Non-Human Identities Are Exploited – and How to Secure Them appeared first on ...
Aembit
How Attestation Enables Secretless Authentication in Workload Identity

Introducing One Security Token Service for All Your Clouds

| | Announcements, Cloud, Engineering, identities, Product updates, service accounts
7 min readSecuring non-human access should be easier – but federation is fragmented, manual, and brittle. We built a better way to do it across clouds. The post Introducing One Security Token ...
Aembit

Nonhuman Identity Security vs. Service Account Management: What’s the Difference?

| | CI-CD, Compliance, Industry Insights, service accounts, Workload Identity
5 min readThe concept of nonhuman identity is gaining traction fast, sparking new debate over how it differs from managing service accounts. The post Nonhuman Identity Security vs. Service Account Management: What’s ...
Aembit
Load more