Name: A CISO’s Perspective to Securing Non-Human Identities
Start: 2024-10-09T20:00:00Z
End: 2024-10-09T20:00:28.000Z
Location: BrightTALK
Rating: 5

Aembit is the Workload Identity and Access Management platform that secures access between workloads across clouds, SaaS, and data centers. With Aembit’s identity control plane, DevSecOps can fully automate secretless, policy-based, and Zero Trust workload access. For more information, visit www.aembit.io and follow us on LinkedIn.

As enterprises navigate the shift from legacy on-premises infrastructure to the cloud, managing workload identities and access control across hybrid environments becomes a critical challenge. This webinar explores how organizations can effectively secure non-human identities—such as services, applications, and automated workloads—across both legacy Windows systems and modern Azure environments.

We will delve into strategies for unifying identity and access management (IAM), ensuring policy consistency, and reducing operational complexity. The session will also highlight practical approaches and tools for seamless migration of workload identities from on-prem to Azure, while maintaining compliance and minimizing risk. Attendees will gain actionable insights to build a secure, scalable, and future-ready identity strategy for hybrid IT landscapes.

What You'll Learn:
- Strategies for securing non-human identities across hybrid Windows and Azure environments.
- Approaches to unify identity and access management (IAM) for consistent policy enforcement.
- Methods to reduce operational complexity in managing diverse workload identities.
- Practical tools and approaches for seamless migration of workload identities from on-prem to Azure.
- How to maintain compliance and minimize risk during the transition to a hybrid identity strategy.
- Actionable insights to build a secure, scalable, and future-ready identity strategy for hybrid IT landscapes.

Who Should Attend:
- Security Architects
- IT Directors and Managers
- Cloud Architects
- Identity and Access Management Professionals
- DevOps Engineers
- Anyone involved in securing hybrid IT environments and managing non-human identities.

Modernizing Workload Identity and Access Control Across Hybrid Windows Environments

DevOps teams are building faster than ever—but securing access between workloads, services, and infrastructure often slows them down. Hardcoded credentials, secrets sprawl, and misconfigured vaults can lead to security incidents and productivity bottlenecks.

Join Andrew McCormick, former SRE and Security Engineer at Starbucks, and Apurva Dave' from Aembit for a practical conversation on modern access management approaches that prioritize velocity and security. We'll break down real-world patterns and pitfalls across cloud-native environments as well as hard-to-manage on-premise and retail deployments. 



Expect tactical takeaways on:

How to shift left on access without shifting burden to developers
Why service-to-service authorization is becoming the new perimeter
When to use secrets managers vs. workload identity platforms
Lessons learned from scaling IAM in fast-moving DevOps orgs
Whether you're drowning in YAML or just tired of rotating secrets by hand, this session will give you actionable ideas to modernize access in your pipelines—without breaking velocity.

Access Without Friction: Modern Identity and Secrets Management for DevOps Teams

Modern enterprises don’t just manage human identities anymore. From cloud workloads and service accounts to Agentic AI and automation scripts, non-human identities (NHIs) now outnumber human users in most organizations. Yet, security teams face a paradox: while they’re responsible for securing NHIs, these identities are often created and managed by DevOps and development teams. This disconnect can lead to unchecked credential sprawl, privilege mismanagement, and security blind spots.

In this interactive session with the Identity Defined Security Alliance (IDSA), we’ll break down what non-human identities are, why they matter, and the risks they introduce. More importantly, we’ll explore how security teams can move from reactive gatekeepers to proactive enablers—helping DevOps teams work more efficiently while reducing risk. Our experts will share practical strategies for securing NHIs without adding friction, covering workload authentication, API access, and secrets management.

Whether you're struggling with visibility into non-human identities or looking to implement scalable security controls, this discussion will equip you with actionable insights to align security and DevOps, strengthening your overall identity security strategy.

Securing Non-Human Identities: Balancing Security and Productivity

Managing non-human identities at scale is a growing challenge for modern enterprises. In this exclusive webinar, Cameron Tekiyeh, head of global security analytics at Snowflake, shares firsthand insights into the cloud-based data warehouse's journey to securing workload access, detailing real-world lessons learned, challenges faced, and the strategies that made their approach successful.

Cameron will share insights straight from the trenches. We’ll explore how Snowflake tackled workload identity and access management (WIAM) to secure critical infrastructure, including CI/CD pipelines, agentic AI access, and automated workloads. Learn how the company built a scalable, secure approach that reduces risk while maintaining agility.

Cameron will tackle key questions such as:
 - Why wouldn't human Identity solutions work for nonhumans?
 - How can you achieve this security while making developers' lives better?
 - How do you get started, and how do you plan for future needs like agentic AI?

Join us for an interactive session and gain practical insights from Snowflake’s experience in securing non-human identities. Whether you're an architect, DevOps engineer, or security professional, this session will equip you with actionable strategies to protect your workloads.

Register now to hear directly from the experts!

How Snowflake Secures Workload Access — A Practitioner’s Deep Dive into Non-Human Identity Security

Over 10,000 enterprises trust Snowflake’s cloud-based data platform.  But it's not just humans logging in: Applications, scripts and AI agents are the non-human identities (NHIs) that are integral to the Snowflake ecosystem.

Non-human identities are a massively expanding attack surface of your Snowflake deployment (and your other data clouds as well).

In this webinar, we’ll cover the risks – and the solutions – associated with NHIs and the non-interactive service accounts they depend on within Snowflake. We won't just cover this in slides, we'll give you a hands-on experience with an actual environment so you can see first-hand what the next generation of Snowflake access security looks like.

You'll gain actionable advice on how you can:

• Move away from long-lived, easily abused access credentials like secrets and passwords.
• Embrace zero trust access for non-human identities just like you do for humans.
• Automate the work so that security, DevOps, and developers have less work to do, not more.

Join us for this engaging event. Your whole company will be glad that you did!

Securing Snowflake: The Non-Human Identity (NHI) Attack Surface

Secrets have long been an integral part of software delivery workflows and the broader supply chain, but they’re also one of the biggest security risks. Accidental exposure in logs or source code can lead to unauthorized access and compromised deployments. This webinar will show you how to eliminate static credentials and replace them with more secure short-lived access tokens tied directly to a workload’s identity.

Secrets in CI/CD pipelines – like hardcoded tokens or API keys – create unnecessary risks, from simple sprawl to major exposure. This webinar introduces a better approach: replacing static credentials – and the burden of rotating them – with just-in-time credentials tied to workload identity. Learn how Aembit secures CI/CD pipelines by managing access dynamically, without relying on long-lived secrets.

What You Can Expect:

- Common pitfalls of traditional secrets management in CI/CD pipelines and real-life breaches that have disrupted delivery cycles and compromised organizational trust.
- How Aembit’s Workload IAM delivers short-lived, policy-driven access credentials while removing developers of the need to write custom authentication code.
- A live demo showcasing secure CI/CD integrations with GitHub and GitLab.

Join us to explore practical solutions for better securing your mission-critical build-and-deploy processes.

How to Eliminate Credential Risks in CI/CD Pipelines

Tired of managing static credentials for your non-human identities? Workload Identity Federation (WIF) offers a more secure way to control NHI access to cloud resources. In this webinar, we’ll show how you can move away from fixed and long-lived secrets and embrace just-in-time credentials. Plus, discover how non-human IAM platforms like Aembit can help enhance WIF with MFA-like security and conditional access.

What you’ll learn:
- An overview of WIF and its advantages.
- A quick breakdown of leading WIF solutions from Google and AWS.
- How Aembit strengthens WIF for improved non-human identity security.
- Tips for securing access with short-lived tokens.
- A live demo to see it all in action!

Join us to see how you can simplify non-human identity management while boosting security, across your cloud environments.

Ditching Fixed Credentials and Harnessing the Power of Workload Identity Federation

As AI tools and technologies like large language models (LLMs) become integral to business operations, securing their access is critical to safeguarding sensitive data and maintaining control. 

These AI-driven models are embedded across industries, making decisions, managing infrastructure, and handling customer interactions autonomously. But with this increasing reliance on AI comes the challenge of protecting these non-human entities from unauthorized access.

In this webinar, we’ll explore how to secure AI workloads, focusing on managing non-human identities that interact with LLMs. 

You’ll learn:
✔️ How policy-based controls can secure AI access without complicating operations.
Strategies to eliminate scattered credentials, reducing the risk of breaches in AI systems.
✔️ How to simplify AI authentication without embedding credentials in code.
✔️ Ways to improve auditability and gain visibility into AI workload access.
✔️ Techniques for discovering and securing AI usage across distributed applications.
✔️ Plus a Q&A!

Join us to learn how to protect your AI environments while seamless and resilient access management, ensuring your organization can harness the full potential of LLMs and other modern programs safely and securely.

The AI Identity Crisis: How to Secure Access for LLMs and Other Emerging Non-Human Identities

Join us for a deep dive into the findings of Aembit's 2024 Non-Human Identity Security Report, addressing a critical issue that’s gaining attention in security circles. We’ll unpack the survey data to reveal where organizations like yours may be struggling with their NHI efforts and what steps you can take to bridge the gaps. 

While securing user identities is well established for DevSecOps teams, managing non-human identities – across workloads like apps, scripts, and services – requires different strategies and technologies and a heightened level of awareness. That may be why some teams are struggling to keep up with these evolving challenges and complexities, leaving critical gaps in your security posture.

The 2024 Non-Human Identity Security Report from Aembit, informed by real responses from 110 of your industry peers, uncovers surprising trends and potential weak spots. Whether you're confident in your NHI approach or looking to refine it, this webinar will draw on meaningful data and offer no-nonsense advice you can use to protect a new generation of threats.

Here’s what we’ll cover:
- The surprising percentage of organizations still using outdated methods for non-human IAM.
- Key factors contributing to low confidence in current non-human identity practices.
- The biggest risks associated with these identities that organizations may be overlooking.
- Steps to adopt secretless access methods for safer workload interactions and strategies for managing them across multi-cloud environments.
- Plus, our experts answer your questions!

Survey Says: The Current State of Non-Human Identity Security

Incidents involving the compromise of software credentials are becoming increasingly common. These credentials often fall into the wrong hands because they are touched by numerous people and are freely shared across various teams and services. This widespread access increases the risk of exposure and misuse. Aembit Co-Founder and CTO Kevin Sapp walks you through the scenarios that create this security challenge.

How and Why Software Workload Credentials Get Compromised

From the why of securing workload-to-workload connections to the how, Aembit Co-Founder and CEO David Goldschlag walks you through everything you need to know about workload identity and access management. His guided illustration draws parallels to user IAM struggles and eventual maturity, shares current approaches for securing workload access, their pros and cons, and how enterprises can evolve to a more holistic solution that makes life better -- and easier -- for developer, DevOps and security teams alike.

The Fundamentals of Workload Identity and Access Management (WIAM)

User identity and access management (IAM) is a standard security measure in most businesses, but with the explosion of software workloads in today's cloud and automated environments, non-human identities can't be ignored. 

In this video, Aembit's Kevin Sapp breaks down the key differences between User IAM and Workload IAM. Learn why securing non-human identities is critical for modern organizations and how to adapt your tech stack for optimal security. This is required viewing for DevOps and security teams looking to stay ahead in identity management.

User IAM vs. Workload IAM: How Identity Security Changes for Non-Humans

Explore how to eliminate "Secret Zero" risks and streamline HashiCorp Vault access. In this webinar, you will learn practical IAM strategies for secure, policy-based access and seamless secrets management across all environments.

Secure Workload Access Using HashiCorp Secrets Manager

Are developers supposed to be security engineers also? Can your CISO really say that there is no secret or credential leakage? Will Open-Source software cost you your job?

Join Aembit’s Head of Technical Product marketing, Ashur Kanoon, as he shares what he’s learned talking to developers and DevOps folks who are ready to tackle the threat vector that they know they’ve been ignoring.

In this presentation, you’ll learn:
- How your current use of secrets in code is affecting your organization and your developers
- The options available, their limitations, and how free software is very expensive
- Aembit’s approach to simplifying secretless deployments while enhancing security
- And much more

The Secret to No Secrets: Making Secretless Workload IAM a Reality

Fed up with hardcoded API keys in your applications? Feeling the strain of cloud IAMs limited to just one environment? Frustrated with secrets managers?

Join Aembit Solutions Architect Paul Dahn, and our strategy guru, Apurva Davé as we showcase the Aembit Workload IAM Platform, a single console to centrally manage and authorize workload access across your  applications, services, and other resources – no matter where they live.

In this immersive product demo, you’ll discover:
- The Future of IAM: Move beyond DIY, vaults, and cloud-specific solutions to embrace secretless workload IAM.
- Policy-Based Access Control: Apply conditional access policy control that paves the way for Zero Trust for workloads.
- No-Code Implementation: Reduce the burden on developers and accelerate deployment times with no-code auth.
- Cross-Environment Compatibility: Achieve seamless integration across various clouds, SaaS services, legacy apps…even third-party APIs.
- Plus much more!

Sparking a Machine Identity Revolution with Workload IAM

Join us for a candid conversation with Mario Duarte, Aembit’s new CISO and former head of security at Snowflake. Mario is now turning his focus to one of cybersecurity’s toughest and most overlooked challenges: securing non-human identities (NHIs) across applications, services, and workloads.

In this live discussion, we’ll go behind the curtain and talk about the real issues security teams are facing when it comes to managing access between workloads and sensitive resources. Mario will break down why relying on static credentials is a ticking time bomb and share practical, real-world NHI security solutions for complex and distributed enterprise environments.

What we’ll cover:
- Why static credentials and secrets management vaults are no longer enough.
- How to ensure your workloads authenticate securely to the right resources.
- What parallels can be drawn between human IAM (think username/password) and non-human IAM.
- How to confidently embrace innovative solutions from emerging companies without compromising security.
- Plus, your questions answered!

This is your chance to hear directly from a veteran CISO with a passion for identity management and experience on the frontlines of enterprise security.

A CISO’s Perspective to Securing Non-Human Identities

Identity Management

Cyber Security

Non Human Identity

Workload IAM

Security Automation

Workload Access Menagement

Cloud Security

Secrets Managmenet

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

A CISO’s Perspective to Securing Non-Human Identities

Presented by

About this talk

Aembit