AI | Security

Why AI Agent Identity Requires Runtime Enforcement, Not Another IdP

AI agents don’t behave like traditional identities. Learn why runtime enforcement, workload identity, and ephemeral access matter more than static directories and OAuth scopes.

Security

Six Months, Three GovCloud Accounts, Zero Excuses: Lessons from the CISA GitHub Leak

A public GitHub repo named “Private-CISA” sat unmonitored from November 2025 to May 2026, exposing AWS GovCloud admin keys and plaintext credentials for the agency’s DevSecOps environment. The real story isn’t the contractor. It’s the architecture that let static secrets exist in the first place. On May 18, 2026, Brian Krebs reported that a contractor […]

News | Technical Definitions

What is Certificate Lifecycle Management (CLM)?

What is Certificate Lifecycle Management (CLM)? A process to manage the critical lifecycle stages of digital certificates. Read more here.

InfoSec | Security

The Edge of Exposure: Why Your Browser Passwords Aren’t Safe

Microsoft Edge’s plaintext RAM disclosure exposed a deeper flaw in browser password managers. Learn why security teams are rethinking credential storage and how Akeyless Password Manager 2.0 minimizes exposure with Zero-Knowledge architecture and Just-In-Time access.

DevOps | Security

API Key Management: Why API Keys Are Insecure and What to Do Instead

In this blog post, discover how understanding API keys can make your online activities safer and more efficient. Make your online interactions seamless and secure.

AI | Security

How We Turned AI Agents Into Security Researchers at Akeyless

See how Akeyless trains AI agents to review code, test pull requests, and turn every security finding into lasting institutional knowledge.

AI | InfoSec | Security

The Post-Vercel Secrets Checklist: A 30-Minute Audit for Your Stack

Last week, we walked through the Vercel incident and explained why ephemeral secrets change the blast radius of this class of breach. This post is the practical next step: a 30-minute audit any platform or security team can run this week. Nothing in it is specific to Akeyless. If you come out the other side […]

AI | InfoSec | Security

The Vercel Breach and the Case for Ephemeral Secrets

The Vercel breach exposed a deeper problem with OAuth sprawl and long-lived secrets. Here’s how ephemeral credentials change the outcome.

Product Updates | Security

Akeyless Achieves FIPS 140-3 Validation: What It Is and Why It Matters

Akeyless achieves FIPS 140-3 validation for its cryptographic module (#5227), strengthening identity security, compliance, and post-quantum readiness.

AI | Machine IAM | Security

AI Agents and Machines Can’t Keep Secrets

Gartner’s latest research explains why traditional approaches to securing machine identities are failing, and how organizations can move toward identity-based access to reduce risk.

AI | Security

Mitigating OWASP Agentic AI Risks with Identity Controls

Artificial intelligence is rapidly evolving from simple assistants into autonomous AI agents capable of executing real tasks across infrastructure, data platforms, and SaaS systems. These agents retrieve information, call APIs, access databases, and orchestrate workflows without direct human supervision. While this shift unlocks tremendous productivity, it also introduces an entirely new security challenge: how to […]

DevOps | Security

Best Practices For Managing Secrets Across Multiple Environments

Learn how to manage secrets securely across multiple environments. Explore best practices, tools, and strategies for protecting sensitive information in modern systems