Tuesday, December 24, 2024
HomePress ReleaseAembit Raises $25 Million in Series A Funding for Non-Human Identity and...

Aembit Raises $25 Million in Series A Funding for Non-Human Identity and Access Management

Published on

SIEM as a Service

The investment will drive the company’s advancement of scalable workload access management for enterprises

Aembit, the leading non-human identity and access management (IAM) company, has secured $25 million in Series A funding, bringing its total capital raised to nearly $45 million. Acrew Capital led the round, with participation from existing investors Ballistic Ventures, Ten Eleven Ventures, Okta Ventures, and CrowdStrike Falcon Fund.

Aembit’s funding comes in the wake of continued high-profile non-human identity attacks on organizations such as Cloudflare, The New York Times, and Microsoft. Non-human identity (NHI) refers to the applications, scripts, and bots that businesses use to automate their operations, as well as the credentials used by NHIs to communicate to sensitive databases, applications, and infrastructure. 

- Advertisement - SIEM as a Service

These incidents exposed secrets such as API keys, access tokens, and other non-human access credentials, which were used to penetrate enterprise environments. In a newly published survey of security professionals, Aembit found that most organizations still struggle with managing NHI credentials securely: Over 30% still storing credentials in code, and 23% using email and chat to share credentials. Over 60% of respondents are looking for a comprehensive solution across their entire organization.

Security professionals are recognizing the need for an access-focused approach that automates identity-driven, secretless, centrally enforced, and auditable access between distributed applications and SaaS services to sensitive resources in the cloud and on-premises. 

Aembit has led the market in solving this emerging challenge by pioneering non-human IAM. It enables policy-based access management between workloads and the sensitive resources they access, moving beyond reactive visibility and governance to proactively shrink the attack surface of rapidly growing and highly distributed non-human identities. Aembit was recently lauded as a Top 2 finalist in the prestigious 2024 RSA Innovation Sandbox competition and is a finalist for Best Identity Management Solution at the 2024 SC Awards. Aembit continues to advance access management with capabilities such as MFA-strength conditional access, policy automation via infrastructure-as-code, and robust auditing for NHI access. 

“Aembit is tackling one of the most pressing challenges in modern enterprise security,” said Mark Kraynak, founding partner at Acrew Capital. “The shift to cloud and SaaS, and AI has driven an order-of-magnitude expansion in non-human identities. With the proliferation of microservices and APIs across diverse environments, IAM has become the critical first line of defense for protecting sensitive data. Legacy access management approaches weren’t designed with this level of scale and automation in mind. We are thrilled to be partnering with Aembit to bring a new approach to the market.”

Co-Founders David Goldschlag and Kevin Sapp have spent their careers innovating across the identity landscape, most recently creating New Edge Labs (acquired by Netskope), one of the first user zero trust products on the market.

“Kevin and I founded Aembit with a vision to help enterprises secure access between non-human workloads, applications, and software resources with the same principles used today to secure human access,” said David Goldschlag, co-founder and CEO of Aembit. “Talking to hundreds of enterprises, and working closely with design partners, our approach centers on proactively securing access between non-human identities, while eliminating friction for developers and security teams.”“By solving non-human IAM, Aembit is tackling an essential security challenge,” said Brad Jones, CISO at Snowflake and an Aembit customer. “Not only is their approach to non-human access innovative, but Aembit is a provider we can rely on.”

The Aembit Workload IAM Platform enforces secure access between non-human workloads and the services that authorize access to sensitive data and infrastructure. Aembit’s policy engine grants secretless access, just-in-time, based on the workload’s identity and posture. 

Leveraging native identities and sophisticated automation, organizations use Aembit to eliminate storage of sensitive secrets within applications or vaults by moving to short-lived access tokens with a no-code auth approach. With Aembit, businesses proactively secure non-human access while eliminating the manual and fragmented work required today by security, engineering, and DevSecOps teams.

About Aembit

Aembit is the non-human identity and access management platform that secures access between workloads across clouds, SaaS, and data centers. With Aembit’s identity control plane, DevSecOps can fully automate secretless, policy-based, and Zero Trust workload access with MFA-strength capabilities. For more information, users can visit https://aembit.io/ and follow us on LinkedIn.

Contact

CMO
Apurva Davé
Aembit
info@aembit.io

Kaaviya
Kaaviya
Kaaviya is a Security Editor and fellow reporter with Cyber Security News. She is covering various cyber security incidents happening in the Cyber Space.

Latest articles

Node.js systeminformation Package Vulnerability Exposes Millions of Systems to RCE Attacks

A critical command injection vulnerability in the popular systeminformation npm package has recently been disclosed, exposing...

Skuld Malware Using Weaponized Windows Utilities Packages To Deliver Malware

Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer...

BellaCiao, A new .NET Malware With Advanced Sophisticated Techniques

An investigation revealed an intrusion in Asia involving the BellaCiao .NET malware, as the...

Malicious Apps On Amazon Appstore Records Screen And Interecpt OTP Verifications

A seemingly benign health app, "BMI CalculationVsn," was found on the Amazon App Store,...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Resecurity introduces Government Security Operations Center (GSOC) at NATO Edge 2024

Resecurity, a global leader in cybersecurity solutions, unveiled its advanced Government Security Operations Center...

DMD Diamond Launches Open Beta for v4 Blockchain Ahead of 2025 Mainnet

DMD Diamond - one of the oldest blockchain projects in the space has announced the...

Sweet Security Introduces Evolutionary Leap in Cloud Detection and Response, Releasing First Unified Detection & Response Platform

With Sweet, customers can now unify detection and response for applications, workloads, and cloud...