What's New With Keeper 
Privileged Access Manager KeeperPAM enables organizations to achieve complete visibility, security, control and reporting across every user on every device. KeeperPAM is cloud-based, enables zero-trust and
This month we have a number of new feature enhancements and product updates to share with you, including Dark Mode for Android, thoughtful setting enhancements across the Keeper vault and browser extension, as well as improvements to our AWS CLI credential process with Keeper’s Secrets Manager (KSM). Continue reading to learn more.
Experience Keeper for Android in Dark Mode
Expanding on our UI refresh earlier this year, we are excited to announce the release of “Dark Mode” for Android. Dark mode reduces eye strain and provides a comfortable viewing experience in low-light environments. New users can download Keeper for Android in the Google Play Store, while existing users can expect the Keeper app to update automatically. Visit Keeper’s Settings menu to turn dark mode on or off; by default the app’s interface will match your device’s display settings.
Protect Your AWS Access Keys With Keeper Secrets Manager
With Keeper’s improved credential process, rather than storing your AWS credentials on a disk, you can now securely store them in your Keeper vault. AWS will use the Keeper AWS CLI Process executable to securely fetch your credentials from your vault using Keeper Secrets Manager (KSM).
Use Default Browser for SSO Option for Seamless Authentication
Enable the new “Use Default Browser for SSO” option in the Keeper Desktop App menu to automatically route to your default web browser and log in with your configured identity provider. The implementation of this optional feature provides support to SSO identity providers who allow FIDO2 security keys or other authentication methods that are not technically supported from the Keeper Desktop embedded browser. This feature is available for SSO Cloud customers and it can be enforced with a device configuration parameter.
Automate Team Approvals and More With Keeper Automator 3.2
Keeper’s Automator service performs instant device approvals upon a successful login from your SSO identity provider. The latest update to Automator boasts a number of impactful updates, including automated team-user approvals, simplified container options, easy deployment Azure and AWS container services, and optional filtering by IP address and email domain.
Password Generator Enhancements for KeeperFill
Our latest version of KeeperFill adds useful enhancements to our password generator feature. Keeper now provides users with “generator history” as a way of retrieving a previously generated password – in case you forgot to save it. Generated passwords are only encrypted and decrypted upon logging in to the extension, and your password history can be cleared at any time.
Use Keeper Secrets Manager to Rotate Okta and API-based Credentials
Keeper Password Rotation allows customers to securely rotate credentials in any cloud-based or on-prem environment. We’ve added support for rotation of Okta passwords and also any arbitrary REST API-based credentials using Keeper’s post-rotation scripts. This latest use case leverages the Okta API to perform password rotation. Additionally, you can now set a flag on the Keeper record to inform the Keeper Gateway to directly execute the post-execution scripts.
Support for Google Passkeys
In an effort to up their security game, Google recently announced passkeys will be the default login method for their users, joining our growing directory of websites that support passkey login. Keeper launched support for the use of passkeys earlier this year in our browser extensions for Chrome, Firefox, Edge, Brave and Safari. Set up a passkey in Keeper from Google’s security settings, and the next time you log in to Google, KeeperFill will autofill your passkey.
Keeper Commander PIN Code Enforcement
Keeper Commander now allows users to easily enable or disable PIN usage on security key (Webauthn) devices with switch no-yubikey-pin for command this-device. This enhancement to Commander MFA is a major convenience factor for users moving forward.
Various Improvements to the Commander CLI
Keeper Commander is constantly evolving. With the latest set of improvements, you can:
- Shows all users in “Shared With” column for command share-report with switch –show-team-users (note: must be used in combination with switch -o)
- Set a different vault logo per-node with the enterprise-node command and –logo-file switch
- Limit aging-report results to only records in shared folders with switch –in-shared-folder
- Exclude team’s membership when invoking download-membership with switch –folders-only or -fo
- Show additional details for each managed company with distributor info
Did You Know?
We offer Keeper Admins a checklist of critical security settings and policies to help secure their environment against insider threats and SSO takeover attacks. Take a look at our recommendations here and see what you can do to level up your cloud security, and learn more about the security gaps and risks that stem from using SSO alone in our recent blog.
Get In Touch!
If you haven’t already, join Keeper on our subreddit at r/Keepersecurity, to receive real-time news, ask questions and chat with the Keeper Team.
Prefer Slack? Keeper’s Beta channel offers a convenient place to provide product feedback, and we have a dedicated MSP channel too. Join the discussion!
Thanks for checking out what we’ve been working on here at Keeper. Keep an eye out for more exciting new updates in the months to come.
