Introducing Secure LLM Workload Access from Aembit
2024-05-29 21:00:00 Author: securityboulevard.com

We’re excited to announce today that Aembit can now provide policy-based, identity-driven access from your workloads (applications and scripts) to the most commonly used large language models (LLMs). 

While we use OpenAI, Claude, and Gemini as examples below, Aembit’s approach to workload IAM applies broadly to other LLMs offered as a service or self-hosted on your cloud instances. 

Business Context for Greater LLM Identity and Access Security

In November 2022, OpenAI introduced ChatGPT, and the digital world hasn’t been the same since. Companies like Google, Microsoft, and Anthropic have invested billions of dollars, and AI has made huge strides forward. Most people have found ways to leverage generative AI. Students are using it to help write essays. Developers are using it to write code. Marketers are using it to do research.

Organizations have taken various approaches to securing access to LLMs. In many cases, user access to LLMs has been completely blocked for fear that proprietary code, credentials, or API keys will be manually uploaded. Other organizations leave access ungoverned and trust their employees to manage AI safely on their own.

At the same time, governing the use of AI is moving well beyond a user simply accessing a chatbot. As LLMs advance, enterprises are building applications and services that leverage LLMs and SaaS-based generative AI services to bring real value to both their own organization and their customers.

Ungoverned Access: LLMjacking and Other Risks

Securing access to LLMs isn’t just necessary based on theoretical threats. On May 6, container security company Sysdig posted a blog outlining a new attack, known as LLMjacking, that leveraged stolen cloud credentials to target 10 cloud-hosted large language model (LLM) services. Attackers acquired credentials from a widely targeted system exploiting a vulnerability in Laravel (CVE-2021-3129), aiming to resell access to the LLMs with the account owners paying for that access.

Beyond these brazen attacks, however, there are even more subtle risks at play as your organization adopts AI:

  • Where are my developers adopting or testing the use of AI?

  • Are they appropriately managing credentials, which in turn provide access to sensitive data?

  • How many people are manually administering, storing, and rotating those credentials?

These are, in fact, risks that your organization deals with to secure almost every piece of sensitive data in your company, but with emerging AI services it has come front-and-center.

Workload Identity and Access Management for AI

In light of this evolution, and with exploited vulnerabilities already a reality, enterprises require a robust, policy-based way to help secure access for the non-human workloads that use these services.

The Aembit Workload Identity and Access Management Platform now supports OpenAI, Gemini (in beta), and Claude, and we have built an extensible platform that can easily cover additional services based on the authentication methods they use.

Aembit brings the concepts of identity and access management to your development of AI. While other approaches are thinking about how users access AI tools and the underlying data they can see, Workload IAM is solving for how applications, scripts, and services can access LLMs.


Article source: https://securityboulevard.com/2024/05/introducing-secure-llm-workload-access-from-aembit/