Aembit raises $25M to tackle nonhuman identity security challenges

Nonhuman identity and access management company Aembit Inc. announced today that it has raised $25 million in new funding to advance its nonhuman IAM solutions.

Founded in 2021, Ambient offers a IAM platform that secures access between workloads across clouds, software-as-a-service and data centers. The company’s service enables policy-based access management between workloads and the resources they access to shrink the attack surface of highly distributed nonhuman identities.

The company aims to tackle the issue of nonhuman identity attacks, such as those that have taken place against companies such as Cloudflare Inc. Nonhuman identities are those used by applications, scripts and bots that businesses use in operations, as well as the credentials used by NHIs to communicate with sensitive databases, applications and infrastructure.

According to a recently published survey of security professions undertaken by Aembit, most organizations struggle with NHI credentials, with 30% storing them as code and 23% using email and chat to share credentials. More than 60% of respondents in the survey said they’re looking for a comprehensive solution across their entire organizations.

Aembit takes on the challenge with a nonhuman IAM with service to move beyond reactive visibility and governance to proactively shrink the attack surface presented by nonhuman identities.

The Aembit Workload IAM Platform enforces secure access between nonhuman workloads and the services that authorize access to sensitive data and infrastructure. Aembit’s policy engine grants secretless access, just in time, based on the workload’s identity and posture.

The company leverages native identities and sophisticated automation, delivering organizations the ability to eliminate storage of sensitive secrets within applications or vaults by moving to short-lived access tokens with a no-code auth approach. The result is that businesses can proactively secure nonhuman access while eliminating the manual and fragmented work required today by security, engineering and DevSecOps teams.

Aembit was started with “a vision to help enterprises secure access between non-human workloads, applications, and software resources with the same principles used today to secure human access,” David Goldschlag, co-founder and chief executive officer of Aembit, said in a statement. “Talking to hundreds of enterprises and working closely with design partners, our approach centers on proactively securing access between non-human identities while eliminating friction for developers and security teams.”

Acrew Capital led the Series A round, with previous investors Ballistic Ventures, Ten Eleven Ventures, Okta Ventures Inc. and CrowdStrike Falcon Fund also participating.

Image: Aembit