Non-human identity and access management company Aembit Inc. announced today that it had raised $25 million in new funding to further advance its non-human IAM solutions.
Founded in 2021, Ambient offers a non-human IAM platform that secures access between workloads across clouds, software-as-a-service and data centers. The company’s service enables policy-based access management between workloads and the resources they access to shrink the attack surface of highly distributed non-human identities.
The company aims to tackle the issue of non-human identity attacks, such as those that have taken place against companies such as Cloudflare Inc. Non-hum identities are those used by applications, scripts and bots that businesses use in operations, as well as the credentials used by NHIs to communicate with sensitive databases, applications and infrastructure.
According to a recently published survey of security professions undertaken by Aembit, most organizations struggle with NHI credentials, with 30% storing them as code and 23% using email and chat to share credentials. Over 60% of respondents in the survey said they are looking for a comprehensive solution across their entire organizations.
Aembit takes on the challenge with a non-human IAM with service said by the company to move beyond reactive visibility and governance to proactively shrink the attack surface presented by non-human identities.
The Aembit Workload IAM Platform enforces secure access between non-human workloads and the services that authorize access to sensitive data and infrastructure. Aembit’s policy engine grants secretless access, just in time, based on the workload’s identity and posture.
The company leverages native identities and sophisticated automation, delivering organizations the ability to eliminate storage of sensitive secrets within applications or vaults by moving to short-lived access tokens with a no-code auth approach. The result is that businesses can proactively secure non-human access while eliminating the manual and fragmented work required today by security, engineering and DevSecOps teams.
Aembit was started with “a vision to help enterprises secure access between non-human workloads, applications, and software resources with the same principles used today to secure human access,” David Goldschlag, co-founder and chief executive officer of Aembit, said in a statement. “Talking to hundreds of enterprises and working closely with design partners, our approach centers on proactively securing access between non-human identities while eliminating friction for developers and security teams.”
Acrew Capital led the Series A round, with previous investors Ballistic Ventures, Ten Eleven Ventures, Okta Ventures Inc. and CrowdStrike Falcon Fund also participating.