Modern applications tend to be widely distributed and rely on multiple services, technologies, and APIs. Developers need to be able to authenticate their applications to those services, store those credentials securely, and monitor access. While security and DevOps teams can integrate their existing identity access management (IAM) platform with secrets-management tools and enable audit logging, the resulting system tends to be challenging to implement and operate.
This is the problem Aembit, which emerged from stealth today, is tackling with its cloud-based platform. Aembit helps organizations provide seamless and secure access from client workloads to their APIs, databases, and cloud resources. DevOps and security teams can manage how federated workloads talk to each other without requiring developers to make changes to their applications, the company says.
Aembit defines workloads as “any program or application utilizing computing, data, networking, and storage to perform one or more tasks.” Examples include custom applications, HTTP-based APIs from software-as-a-service providers or API gateways, databases, data warehouses, data lakes, and application services provided by hyper-scale cloud vendors.
Founded in 2021, Aembit’s IAM platform “gives identities to your workloads, authenticates them, authorizes them to access each other based on policies you set, and logs all accesses and access attempts for auditing and analytics,” the company said last fall.
Workload IAM is a subcategory of the broader IAM market, as it focuses on workload-to-workload interactions. IAM most commonly focuses on allowing human users to securely access applications and systems; workload IAM authorizes applications and services to access other applications and services. It’s an area that organizations are increasingly paying attention to because these connections can be abused. The breach at CircleCI is a good example: A system breach in CircleCI resulted in organizations having to rotate their secrets. The recent T-Mobile data breach, where data affiliated with 37 million customer accounts was stolen, was the result of an exploited API.
“The mesh of workload-to-workload connections created when software talks to other software need to be identified, secured and managed,” said Jake Seid, co-founder and general partner of Ballistic Ventures, in a statement. “Aembit is defining this new category of Workload IAM to defend enterprises’ most critical digital assets.”
As part of the launch, Aembit also raised $16.6 million in seed funding from Ballistic Ventures and Ten Eleven Ventures. Aembit's co-founders, David Goldschlag and Kevin Sapp, previously co-founded New Edge Labs, which was sold to Netskope in 2019. The pair also founded mobile device management platform Trust Digital, which was acquired by McAfee in 2010.