Keeper +

CASE STUDY Gravitee Will Never Forget Their Password Again

API management software company leverages Keeper for internal business operations and customer success.

Seamless integration with IDP provider
Automated employee onboarding and offboarding
Enforcement of password management policies
Secure information-sharing with customers and vendors

About Gravitee

Gravitee is a SaaS company that helps organisations manage and secure their entire API lifecycle with solutions for API design, management, security, productisation, real-time observability and more. Founded in 2015, with headquarters in the UK and employees based across Europe and the US, Gravitee enables secure and intelligent connections through an API management platform. Open-source software development is central to its founding ethos, and Gravitee remains committed to promoting and developing open-source API solutions.

The Challenge

With a remote-first, distributed workforce, hyper-digital internal operations, and a product platform that interacts with highly sensitive customer data, Gravitee knew it needed a password management system that balanced its needs of user adoption and governance.

Before turning to Keeper, Gravitee used the password manager in its browser, which did not meet the exacting standards required by their InfoSec team. The browser password manager lacked security standards and didn’t provide visibility into password strength, leaving the InfoSec team at Gravitee without visibility into the complexity or reuse of their employees’ passwords — and without control.

With all the issues that we are seeing out there in terms of data breaches being done by insiders, by lost passwords, with password-stuffing and due to the lack of secure password policies, having a password manager is imperative these days.

–Tiago Rosado, Senior Director, Information Security and Compliance

The Keeper Solution

Gravitee considered different password management options ranging from open-source projects to paid solutions. Rosado and team chose Keeper because the solution “ticked all of the boxes for us” and “has the best price-to-benefit ratio.” Keeper simply integrated with their IDP provider, automates systems authentication when onboarding and offboarding personnel, enables visibility into password strength and allows the InfoSec team to enforce password policies.

Keeper’s One-Time Share feature is also popular. Gravitee uses the capability to securely share sensitive documents with clients in a time-limited manner. As opposed to sending penetration tests over email, for example, One-Time Share allows customers to view the report without downloading it to their device and without requiring them to have a Keeper account. Gravitee has welcomed the ongoing collaboration with Keeper’s product management and business support teams.

Keeper is not only building for us, but for other people out there in the market. There is a really great sense of innovation and partnership even.

Benefits of Enterprise Password Management


Keeper is a Zero-Knowledge Password Management solution. This means all information that is stored in Keeper is only accessible by the end-user. All encryption and decryption is done in the client’s device, and the data is encrypted both in-transit (TLS) and at rest on Keeper’s Infrastructure (AES-256).

The plaintext version of the data is never available to Keeper Security employees nor any outside party. Keeper is fanatical about protecting customer data, but in the unlikely event Keeper was hacked, the attackers could only possibly access the worthless ciphertext.

Improve Password Awareness and Behavior

Most businesses have limited visibility into the password practices of their employees which greatly increases cyber risk. Password hygiene cannot be improved without critical information regarding password usage and compliance. Keeper solves this by providing comprehensive password reporting, auditing, analytics and notifications.

Each user has a set of public and private encryption keys used for encrypting the vault, sharing password records and messages between users. Shared information is encrypted with the recipient's public key. Keeper’s record-sharing methodology is easy to use, secure and intuitive.

Fast Time-to-Security

Keeper is intuitive and easy to deploy regardless of the size of your business. Keeper integrates with Active Directory and LDAP servers which streamlines provisioning and onboarding. Use Keeper SSO Connect® to integrate into your existing SSO solution.

Keeper Scales with your Business

Keeper was designed to scale for any sized business. Features such as role-based permissions, team sharing, departmental auditing and delegated administration support your business as it grows. Keeper Commander™ provides robust APIs to integrate into current and future systems.

Protect Your Business with Keeper.

To learn more about how Keeper can protect your business with an easy-to-use platform for identity and access management, contact our Sales Team for a Free Trial or Demo.

English (UK) Call Us