Aembit, the workload identity and access management (IAM) company, today announced new capabilities for GitLab designed to reduce the security risks of long-lived personal access tokens (PATs) and other secrets needed to automate software delivery, while making it easier to deploy and manage pipelines.
With the introduction of Credential Lifecycle Management and the availability of Aembit Edge as a native GitLab integration, Aembit replaces static credentials with short-lived, policy-controlled access that is created only when required and revoked automatically. This reduces the risk of misuse while giving development teams a simpler, more reliable way to work inside GitLab.
GitLab is one of the most widely used platforms for building and deploying software, enabling the automation that moves code from development into production.
Its popularity has also made it a frequent target: long-lived credentials and unmanaged service accounts have been exposed in several high-profile breaches, including incidents at Pearson and the Internet Archive, resulting in stolen data and costly downtime.
Aembit Credential Lifecycle Management addresses these risks directly. Instead of PATs that linger for months or years, Aembit issues short-lived credentials only when a pipeline job requires them, then automatically expires them.
Access is tied to cryptographically verifiable workload identity and multifactor authentication (MFA) checks and governed by a policy enforced at runtime, giving organizations both stronger security and clear audit records of which workloads accessed which resources and when. Meanwhile, related service accounts are created and removed on demand, ensuring that no unused accounts remain active.
Aembit is now listed in the GitLab CI/CD Component Catalog. This makes Aembit directly available inside GitLab, allowing teams to add it to their pipelines without additional configuration or manual setup.
This native integration simplifies the process of connecting pipelines to databases, APIs, and cloud services, reducing reliance on embedded secrets and manual credential handling.
“Builders need to transfer rapidly without worrying about the place a credential is saved or whether or not it must be rotated,” said Kevin Sapp, co-founder and CTO of Aembit.
“Safety groups, however, need assurance that nothing is left uncovered. What we’ve constructed for GitLab satisfies each wants directly: builders get seamless entry of their pipelines, and safety leaders get the boldness that entry is momentary, accountable, and secure.”
Organizations such as Snowflake that have adopted the Aembit Workload IAM Platform report meaningful reductions in the time spent managing credentials and fewer disruptions following security incidents.
Security teams value the ability to enforce least privilege automatically, while developers appreciate that tokens are provisioned and revoked transparently without extra coding or manual steps.
By embedding these controls into GitLab, Aembit allows enterprises to strengthen security while maintaining the speed and consistency expected of modern software pipelines.
The scale of the challenge is significant. Non-human identities already outnumber human ones by at least 45 to 1, and credential abuse remains a leading attack vector according to the 2025 Verizon Data Breach Investigations Report.
The rise of agentic AI is adding even more autonomous workloads, increasing the demand for secure, short-term access controls. At the same time, engineering teams lose hours every week to manual credential rotation, a process that cannot keep pace with sprawling pipelines and multicloud environments.
Both GitLab Credential Lifecycle Management and the Aembit Edge component are available immediately. Customers can begin with the Aembit Starter Tier and expand into enterprise-grade policy enforcement, conditional access, and reporting as requirements mature.
About Aembit
Aembit is the leading provider of workload identity and access management solutions, designed to secure non-human identities like AI agents, applications, and service accounts across on-premises, SaaS, cloud, and partner environments. Aembit’s no-code platform enables organizations to enforce access policies in real time, ensuring the security and integrity of critical infrastructure. Users can visit aembit.io and follow the company on LinkedIn.
Contact
CMO, Apurva Dave, Aembit