Key Capabilities / Features

User and device verification are at the core of zero trust. A zero-trust solution must include a number of functions to ensure its effectiveness. Some of those functions include:

Multi-Factor Authentication (MFA)
Principle of Least Privilege (PoLP)
Monitoring and validation

Organizations that want to successfully deploy zero trust must be able to enforce comprehensive password security, including the use of strong, unique passwords for every account, MFA on all accounts that support it, role-based access controls and least-privilege access. Without an enterprise password management platform, organizations have no visibility or control over what their users are doing with passwords, and they will be unable to successfully adopt the zero-trust network access model.
Keeper’s cybersecurity platform enables zero-trust security and compliance by unifying enterprise password management, secrets management and privileged connection management– all built on our proprietary zero-knowledge encryption model.

The Zero-knowledge model utilizes a unique encryption and data segregation framework that prevents IT service providers from having any knowledge as to what is stored on their servers. In Keeper’s case, this means:

- Customer data is encrypted and decrypted at the device level (not on the server).
- The Keeper app never stores plain text (human-readable) data.
- Keeper’s servers never receive data in plain text.
- The keys to decrypt and encrypt data are derived from the user’s master password.
- Multi-layer encryption provides access control at the user, group and admin level.
- Sharing of data uses public key cryptography for secure key distribution.
- Data is encrypted on the user’s device before it is transmitted and stored in Keeper’s digital vault. When data is synchronized to another device, the data remains encrypted until it is decrypted on the other device.
- No one but the end user can view the plain-text data in their vault — not even Keeper’s employees.

How we are different

Keeper Security was co-founded by two cybersecurity visionaries, Darren Guccione (CEO) and Craig Lurey (CTO). Fourteen years ago, Darren and Craig conceived the early plans for the world’s top-rated password manager and secure digital vault on a long overseas flight.

Today, Keeper is the leading provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, passkeys, privileged access, secrets and remote connections. Trusted by millions of individuals and thousands of organizations, Keeper is transforming the way organizations and individuals protect their credentials, secrets, connections and sensitive digital assets to significantly reduce the risks of identity-related cyber attacks, while gaining organization-wide visibility and control.
Keeper isn’t just committed to security; they are fanatical about it. Keeper's zero-trust and zero-knowledge cybersecurity solutions are FedRAMP and StateRAMP Authorized, FIPS 140-2 validated, as well as SOC 2 and ISO 27001 compliant. Every organization needs to secure its passwords, credentials, secrets and connections to reduce the risk of cyber attacks and defend against internal and external threat vectors. Keeper’s priority is to create simple, easy-to-use and highly scalable solutions to help meet the needs of today’s IT and security professionals.

Keeper is the first company to unify three essential IAM products - Keeper Connection Manager, Keeper Secrets Manager and Enterprise Password Manager - to create a next generation Privileged Access Management (PAM) solution called KeeperPAM. Keeper provides the most critical components of privileged access management without the complexity of traditional PAM solutions to quickly and seamlessly integrate with any existing tech and IAM stack, and achieve enterprise-wide coverage and visibility. The solution enables zero-trust and zero-knowledge security and compliance by unifying password, secrets and connections management into one platform.