So far in 2024, many major companies have fallen victim to credential stuffing attacks. Some of these notable credential stuffing victims include Roku, Okta, General Motors
We at Keeper Security are proud to announce that we’ve been recognized by the 2023 Fortress Cybersecurity Awards as the overall winner for Encryption. The Business Intelligence Group conducts the annual Fortress Cybersecurity Awards to recognize experts, engineers, people and products in the field of cybersecurity. The awards “identify and reward the world’s leading companies and products that are working to keep our data and electronic assets safe among a growing threat from hackers.” Their proprietary scoring system selectively measures performance across multiple business domains and recognizes companies, like Keeper, whose achievements stand above those of their peers.
The Zero-Trust and Zero-Knowledge Leader
Keeper is the leading provider of zero-trust and zero-knowledge cybersecurity software for best-in-class password management, secrets management, privileged access, secure remote access and encrypted messaging. This recognition exemplifies Keeper’s commitment to remaining at the forefront of identity and access management, as well as the cybersecurity industry as a whole. We are dedicated to providing our customers with the highest level of security to protect their secrets and sensitive data, which is why we’re trusted by millions of consumers, thousands of businesses and major federal agencies including the Departments of Justice and Energy. Keeper’s zero-trust and zero-knowledge encryption model ensures that even in a worst-case scenario, all contents of a user’s Keeper vault would be protected.
Multi-Layered Encryption for Unparalleled Protection
Keeper’s multi-layered encryption system is based on client-generated encryption keys. 256-bit AES record-level keys and folder-level keys are generated on the client device, which encrypt each individual vault record. All contents of the vault are encrypted, including logins, file attachments, TOTP codes, payment information, URLs and custom fields. Encryption keys are generated locally to preserve zero knowledge and support advanced features such as record and folder sharing. Users have complete control over encryption and decryption of their Keeper vault, and none of their stored information is accessible by anyone else, not even Keeper employees. Record and folder keys are wrapped by a 256-bit AES Data Key, which is then encrypted with an Elliptic Curve key. On the user’s device, an additional 256-bit AES Client Key is generated for encrypting a local offline cache.
Keeper’s Enterprise Password Manager is the only solution that uses Elliptic Curve Cryptography (ECC) in its encryption. Considered by the InfoSec community to be the most secure level of encryption for information security, ECC provides many advantages including best-in-class security, efficiency and faster computation. Keeper also holds the longest standing SOC 2 and ISO 27001 certifications in the industry. Keeper is GDPR compliant, CCPA compliant, FedRAMP and StateRAMP Authorized, certified by TrustArc for online privacy and PCI DSS certified.
Transparency for Our Customers
Delivering on our promise to uphold the highest levels of security, Keeper provides complete transparency about our security architecture and technology infrastructure, making every detail of our encryption model available to the public. Keeper believes our customers deserve to know what steps are being taken to ensure their data is secure in the face of an ever-changing cybersecurity landscape, and has stood by our commitment to protect our users’ most valuable data for more than a decade.
Interested in learning more? Reach out to our team and request a demo.