Cybersecurity startup Aembit launches with $16.6M in funding to bring identity-first security to workloads
Aembit, a Maryland-based cybersecurity startup that helps DevOps and security teams manage, enforce, and audit access between federated workloads, officially launched from stealth with a $16.6 million seed funding led by Ballistic Ventures and Ten Eleven Ventures.
Aembit provides secure and uninterrupted access from your workloads to the services on which they depend, such as APIs, databases, and cloud resources. Aembit is also the first to help companies apply a zero-trust security framework to workload access (APIs, databases, cloud resources), similar to existing solutions for workforce (people) access.
Aembit’s cloud-based platform solves the challenge of secure access between workloads by offering a user-friendly solution that DevOps and Security teams can effortlessly deploy, and developers can adopt without hassle. With Aembit, teams can prioritize access management instead of secrets management. Aembit adopts innovative techniques like secretless authentication and credential providers, along with no-code integrations, to simplify secure access for developers.
The company’s pioneering approach to workload access security has earned it recognition as a Cool Vendor in the 2022 Gartner® Cool Vendors™ in Identity-First Security report1. Aembit enables companies to apply a zero-trust security framework to workload access, similar to the solutions used for workforce access. It provides seamless and secure access from workloads to critical services, such as APIs, databases, and cloud resources, to ensure organizations remain secure and protected.
Over the past decade, application architecture has undergone a radical transformation. What were once monolithic, standalone applications have evolved into distributed systems that span the globe and encompass APIs, databases, SaaS services, and partner workloads.
However, as applications have become increasingly complex and distributed, DevOps and Security teams face the significant challenge of scaling secure access, providing security teams with visibility, and enabling developers to concentrate on building essential business functionalities. Inadequate management of workload identities, access, and privileges are among the primary causes of security breaches.
Two recent breaches highlight the importance of effective access management: the T-Mobile breach, in which hackers exploited an API to steal data belonging to 37 million customer accounts, and the CircleCI breach, which prompted the company to encourage its customers to rotate their secrets after a system breach.
Aembit solves the problem of secure access between workloads with a cloud-based platform that is easy for DevOps and Security teams to deploy and frictionless for developers to adopt, letting teams focus on managing access, not secrets. Aembit’s pioneering approach leverages new techniques, such as secretless authentication and credential providers, as well as no-code integrations to simplify secure access for developers. With Aembit, teams can facilitate safe application development and delivery in today’s distributed application environment.
Co-founders David Goldschlag and Kevin Sapp have worked together for over 17 years, and have a history of solving challenging problems in the IAM space. Their experience includes founding New Edge Labs, which became Netskope’s Zero Trust Network Access (ZTNA) offering.
As developers and engineers, Goldschlag and Sapp have significant practical experience and empathy for the workload identity challenges encountered by DevOps, Developer, and Security teams. “We see ourselves in our customers because we have been in their shoes. We’re excited to be able to offer a solution that makes secure access easy and scalable for DevOps and Developer teams, while giving Security teams visibility and audit capabilities,” said Goldschlag, Aembit’s CEO.
“At Ten Eleven, we’re always looking for innovations that can make cybersecurity implementation more seamless and comprehensive for organizations. Identity is now understood to be foundational for securing human access, and now is the time to use Identity to secure non-human access too. The Aembit founders are the team most uniquely suited to solving this important challenge. We can’t wait to see them grow their product and company over the next few years,” said Mark Hatfield, Co-founder and General Partner at Ten Eleven Ventures.
“Enterprises have spent significant resources securing the connections between people and the software they use. However, as businesses move to the cloud, a new and fast growing attack surface has emerged. The mesh of workload-to-workload connections created when software talks to other software need to be identified, secured and managed. Aembit is defining this new category of Workload IAM to defend enterprises’ most critical digital assets. It’s been an honor to work with the Aembit founders since day 1 and to continue to support them on their journey,” said Jake Seid, Co-founder and General Partner of Ballistic Ventures.