What's New With Keeper 
One-Time Shares power the secure collection and exchange of confidential information Keeper's latest update to One-Time Share enables two-way sharing between Keeper users and non-users, providing
KeeperAI threat detection for privileged sessions
The latest updates to KeeperAI threat detection introduce meaningful updates across PAM resources, PAM configuration settings, gateway settings and session history, providing an enhanced security layer within the web vault architecture. KeeperAI automatically monitors and analyzes SSH sessions in real-time to identify suspicious or malicious activity, ensuring that high-risk sessions are automatically terminated and all user activity is analyzed and categorized. By operating at the network gateway, KeeperAI implements real-time behavioral analysis on user session data streams and generates immediate alerts for security operations teams.
Improved Snapshot Tool for fast autofill fixes
Keeper’s Snapshot Tool greatly simplifies the process of reporting and fixing autofill issues by seamlessly providing Keeper’s Engineering Team with key website information. We improved upon our existing Snapshot Tool to further accelerate the process by implementing a streamlined workflow directly from the browser extension UI. Users can also submit additional details with their snapshot to provide a more complete picture of their autofill issue to the Keeper team. We can turn around fixes within 24 hours and automatically push them to customers without having to update the browser extension.
Keeper Browser Extension receives multiple usability enhancements
Our latest browser extension updates introduce enhanced features that allow users to effortlessly create and view record favorites and add multiple website addresses to a record to efficiently store and organize all related website domains. We’ve also included native support for FIDO2 WebAuthn passkeys in the browser extension user interface, instead of routing users through the web vault.
Enforce least privilege on every endpoint with Keeper Endpoint Privilege Manager
Integrated within the comprehensive KeeperPAM platform, Keeper’s Endpoint Privilege Manager is an advanced Privilege Elevation and Delegation Management (PEDM) solution that provides secure, just-in-time privileged access across endpoints. Administrators simply deploy a lightweight agent that removes standing admin rights while enabling temporary, policy-based privilege elevation only when necessary. The system enforces customizable security policies through just-in-time access, with optional approval workflows and MFA enforcement. In contrast to the broader KeeperPAM platform’s role in securing how users connect to systems, Endpoint Privilege Manager governs what administrative rights they can exercise once connected – closing the loop on privileged access control.
Keeper achieves recognition in Gartner’s 2025 Magic Quadrant for PAM
Keeper Security is proud to announce we’ve been recognized in the 2025 Gartner Magic Quadrant for Privileged Access Management (PAM). The Gartner Magic Quadrant is widely considered one of the most influential evaluations in enterprise technology, providing security leaders with insights in selecting trusted solutions in today’s rapidly evolving technological landscape. This milestone validates Keeper’s strengths, including workload identity, secrets management, agentic AI and infrastructure integration.
Seamlessly import your credentials from Apple Passwords to Keeper
There is now an easier and secure way to quickly import your passwords, passkeys and two-factor codes from Apple Passwords directly into your Keeper Vault on iOS 26 and above. Simply open Apple Passwords, tap the options icon and “export data to another app.” Keeper will be listed in the compatible apps to receive your passwords. Then, by following a few simple prompts, all of your logins will be safely transferred into a designated Keeper Vault folder.
Keeper Gateway release delivers major improvements in stability and performance for Keeper Connections and Discovery
Users on both Windows and Linux Gateway deployments will notice significant performance enhancements across Docker, Linux and Windows installations that make operations far smoother and accelerate workflows. Key improvements include a Linux folder build specification to support gateway deployments in locked-down environments without /tmp access, password propagation to IIS Application Pool log-on credentials, support for SSH keys requiring passphrases, and optimized discovery graph checking when adding resources and users. We’ve enhanced gateway stability and configuration reliability by resolving reconnection issues after network disruptions and introduced support for RHEL 9 Gateway docker images – delivering greater compatibility across diverse environments, improved network flexibility and consistently dependable operations.
Keeper Connection Manager update: dynamic PAM record support and health monitoring
The latest update to Keeper Connection Manager (KCM) implements support for linked records, enabling dynamic tokens to seamlessly pull admin and launch credentials from linked Keeper Vault records for streamlined access management. We’ve also added a new healthcheck API endpoint that provides real-time monitoring of service connectivity, authentication responsiveness and license status to help you maintain optimal system performance.
Keeper plugins for JetBrains and VS Code: Zero-trust secrets management in your IDE
Eliminate hardcoded secrets without leaving your integrated development environment (IDE). Keeper’s new plugins for JetBrains and Visual Studio Code bring zero-trust secrets management directly into your development workflow. Automatically detect and replace API keys, passwords and tokens with secure vault references. The plugins enable developers to replace hardcoded secrets with vault references and execute commands with injected credentials without exposing sensitive data.
Retrieve SIEM events using the Keeper Admin REST API
Automate third-party integrations with Keeper’s all new Admin REST API, now fully manageable through Commander CLI. Generate, list and revoke API tokens directly from the command line for SIEM vendors, with more integration types coming soon. Set granular permissions with read or read/write access, configure custom expiration periods and export token lists in JSON or CSV format.
Keeper effortlessly enables secure secrets management in containerized environments with Docker support
The new Docker container for Keeper Secrets Manager CLI includes built-in binaries for both GLIBC and Alpine Linux distributions, with convenient volume mounting and shell mode support out of the box. The powerful “exec” function automatically replaces environment variables using Keeper Notation with actual secret values at runtime, eliminating hardcoded credentials in your applications. Whether using docker-compose or standalone containers, simply pull the latest image and start managing your secrets with enterprise-grade security across your entire container ecosystem.
Forcefield offers ARM64 support
The latest update to Keeper Forcefield 1.1 now features Windows ARM64 support for broader device compatibility.
Keeper app expands to Linux Snapcraft Store, plus new Raycast extension
Keeper Security’s Desktop App version 17.4 is now available on the Linux Snapcraft Store. Linux users can install Keeper with a single command and receive automatic updates, ensuring they always run the latest and most secure version. Whether on Ubuntu, Fedora, Debian, RHEL, CentOS, AlmaLinux, Rocky Linux, Mint, Manjaro or openSUSE, Keeper integrates smoothly into your preferred environment. Additionally we’ve introduced a comprehensive Raycast extension that provides seamless access to your Keeper Security Vault directly to your macOS desktop. Manage records, generate secure credentials, and access your vault records without leaving your workflow.
Enterprise Secrets Management SDK now available for Ruby
Bring enterprise-grade secrets management directly into your Ruby applications with Keeper’s zero-trust SDK. The SDK delivers purpose-built functionality for extremely simple, fast and efficient programmatic access to passwords, TOTP codes and custom fields through intuitive API calls – no manual vault access required. Developers get complete CRUD operations for records and folders, plus native file handling for attachments and documents. Install in seconds via pip or gem and immediately start protecting sensitive data with the same zero-trust architecture trusted by leading enterprises worldwide.
All new Python Commander SDK
The all new Keeper Python SDK is a modern Python library offering programmatic access to the Keeper Vault and Admin capabilities. This is a refactor of the Commander CLI codebase to make it easy for developers to build custom functionality, such as:
- Building custom integrations and applications
- Managing enterprise structure, users, roles, teams, configuration
- Performing Vault and PAM operations such as record creation, update and deletion
Various improvements to the Commander CLI
Keeper Commander is constantly improving. Here is our latest set of new commands:
Device management commands – comprehensive device management capabilities for both individual users and enterprise administrators.
- device-list – view a list of devices associated with your account
- device-action – take actions on your devices, such as logout, remove, link, unlink, account-lock, account-unlock, lock or unlock
- device-rename – rename your device for easier identification
- device-admin-list – view devices linked to any enterprise user
- device-admin-action – perform administrative actions on a user’s device, such as logout, remove, lock, unlock, or account-specific actions like account-lock/account-unlock
For a full list of Keeper Commander updates, visit our Release Notes.
