Aembit Raises $25 Million in Series A Funding for Non-Human Identity and Access Management
September 12 2024 - 10:00AM
Aembit, the leading non-human identity and access management (IAM)
company, has secured $25 million in Series A funding, bringing its
total capital raised to nearly $45 million. Acrew
Capital led the round, with participation from existing
investors Ballistic Ventures, Ten Eleven Ventures, Okta Ventures,
and CrowdStrike Falcon Fund.
Aembit’s funding comes in the wake of continued high-profile
non-human identity attacks on organizations such as Cloudflare, The
New York Times, and Microsoft. Non-human identity (NHI) refers to
the applications, scripts, and bots that businesses use to automate
their operations, as well as the credentials used by NHIs to
communicate to sensitive databases, applications, and
infrastructure.
These incidents exposed secrets such as API keys, access tokens,
and other non-human access credentials, which were used to
penetrate enterprise environments. In a newly published survey of
security professionals, Aembit found that most organizations still
struggle with managing NHI credentials securely: Over 30% still
storing credentials in code, and 23% using email and chat to share
credentials. Over 60% of respondents are looking for a
comprehensive solution across their entire organization.
Security professionals are recognizing the need for an
access-focused approach that automates identity-driven, secretless,
centrally enforced, and auditable access between distributed
applications and SaaS services to sensitive resources in the cloud
and on-premises.
Aembit has led the market in solving this emerging challenge by
pioneering non-human IAM. It enables policy-based access management
between workloads and the sensitive resources they access, moving
beyond reactive visibility and governance to proactively shrink the
attack surface of rapidly growing and highly distributed non-human
identities. Aembit was recently lauded as a Top 2
finalist in the prestigious 2024 RSA Innovation Sandbox
competition and is a finalist for Best Identity Management Solution
at the 2024 SC Awards. Aembit continues to advance access
management with capabilities such as MFA-strength conditional
access, policy automation via infrastructure-as-code, and robust
auditing for NHI access.
“Aembit is tackling one of the most pressing challenges in
modern enterprise security,” said Mark Kraynak, founding partner at
Acrew Capital. “The shift to cloud and SaaS, and AI has driven an
order-of-magnitude expansion in non-human identities. With the
proliferation of microservices and APIs across diverse
environments, IAM has become the critical first line of defense for
protecting sensitive data. Legacy access management approaches
weren’t designed with this level of scale and automation in mind.
We are thrilled to be partnering with Aembit to bring a new
approach to the market.”
Co-Founders David Goldschlag and Kevin Sapp have spent their
careers innovating across the identity landscape, most recently
creating New Edge Labs (acquired by Netskope), one of the first
user zero trust products on the market.
“Kevin and I founded Aembit with a vision to help enterprises
secure access between non-human workloads, applications, and
software resources with the same principles used today to secure
human access,” said David Goldschlag, co-founder and CEO of Aembit.
“Talking to hundreds of enterprises, and working closely with
design partners, our approach centers on proactively securing
access between non-human identities, while eliminating friction for
developers and security teams.”
“By solving non-human IAM, Aembit is tackling an essential
security challenge,” said Brad Jones, CISO at Snowflake and an
Aembit customer. “Not only is their approach to non-human access
innovative, but Aembit is a provider we can rely on.”
The Aembit Workload IAM Platform enforces secure access between
non-human workloads and the services that authorize access to
sensitive data and infrastructure. Aembit’s policy engine grants
secretless access, just-in-time, based on the workload’s identity
and posture.
Leveraging native identities and sophisticated automation,
organizations use Aembit to eliminate storage of sensitive secrets
within applications or vaults by moving to short-lived access
tokens with a no-code auth approach. With Aembit, businesses
proactively secure non-human access while eliminating the manual
and fragmented work required today by security, engineering, and
DevSecOps teams.
About Aembit
Aembit is the non-human identity and access management
platform that secures access between workloads across clouds, SaaS,
and data centers. With Aembit’s identity control plane, DevSecOps
can fully automate secretless, policy-based, and Zero Trust
workload access with MFA-strength capabilities. For more
information, users can
visit https://aembit.io/ and follow us on
LinkedIn.
Contact
CMOApurva
DavéAembitinfo@aembit.io