機能: KeeperDB

Zero-trust database access, built into Keeper

KeeperDB replaces legacy unmanaged database tools with secure, audited access directly from the Keeper Vault.

KeeperDB web app showing a Transactions database diagram with tables like orders, payments, products, and users.

Users table with columns ID, Name, Age, and Role, listing several people (e.g., Brenda Kelley) with roles like Admin and Manager.

What is KeeperDB?

KeeperDB is a built-in database management interface that lets privileged users securely access, query and manage databases directly from the Keeper Vault.

One-click launch from your vault

Users can launch KeeperDB's visual interface directly from a Keeper Vault PAM Database resource record.

Connection settings for a local Docker MySQL PAM database, showing hostname dev-container-db-mysql-1 and port 3306, with a Launch KeeperDB button.

Full isolation and visibility

KeeperDB is fully contained within Keeper Remote Browser Isolation. No credentials are stored or exposed on user devices, and all activity is recorded.

Multi-protocol support with modern AI-enabled features

Interact with the most popular database protocols through a unified interface for querying data, drafting and refining SQL in a scratchpad, and leveraging autocomplete and KeeperAI chat to work faster and more efficiently.

Scratchpad with a SQL query counting user logins since 2025-01-01, grouped by user_id and ordered by login_count.

KeeperAI chat with a prompt to chart average order amount over the last 30 days, displaying a donut chart of order amount distribution.

Sovereign AI for secure database interaction

KeeperAI provides an isolated and safe way to work with data. Users can ask questions in natural language, generate and refine SQL and turn results into charts or summaries directly from the vault.

Just-In-Time (JIT) access

Request and approve access with ephemeral accounts that have time-limited access from popular platforms such as Slack, Jira, ServiceNow and Teams.

What makes KeeperDB different from other database tools?

Database Type dropdown open with a search bar and options including MySQL, PostgreSQL, Oracle, SQLite, MongoDB, Redis, Microsoft SQL Server, and DynamoDB.

A modern database experience

KeeperDB provides an alternative to CLI and legacy tools with a modern, visual database interface. Users can explore tables, run queries and interact with data sources with ease.

Database connection list showing PostgreSQL, Microsoft SQL Server, MySQL, and Oracle.

Stronger security without exposed credentials

Database credentials are never shared or stored on user devices. All activity is passwordless, zero-trust and fully recorded, with policies to protect against data exfiltration.

Users tab with a search field for email or team name and a table listing Engineering East and Engineering West with permission settings.

Simple, secure access for distributed teams

Users access databases directly from the Keeper Vault in any web browser. No VPNs, desktop tools or local setup required.

List of recordings showing email names, timestamps, durations, and play/download icons.

Built-in auditability and compliance readiness

KeeperDB turns database access into a fully auditable process, with session recording, detailed logs and consistent oversight.

Built for teams that access sensitive data

DBAs and DevOps teams

Manage production and staging databases with zero-trust, passwordless access. All activity is fully screen recorded and governed by centralized policies, with no local credentials or unmanaged tools.

Support and customer success

Grant short-lived, tightly scoped access to internal or customer databases for troubleshooting. Read-only permissions, full session recording and exfiltration controls protect sensitive data.

Regulated and high-security environments

Enforce strict database access controls across regulated industries such as finance and healthcare. All access is logged, recorded and centrally governed without scattering tools or credentials across endpoints.

よくある質問

Can KeeperDB replace database tools?

KeeperDB can replace many common database tools used for day-to-day access, querying and troubleshooting, such as MySQL Workbench, DBeaver and SQL Server Management Studio, especially when security, auditing and access control are required.

While some teams may still use specialized tools for advanced workflows, KeeperDB consolidates secure database access into the Keeper Vault, eliminating the need for unmanaged desktop tools, shared credentials and blind spots.

How is KeeperDB more secure than traditional database tools?

Traditional database tools expose credentials locally and offer little visibility into user activity. KeeperDB provides passwordless access, enforces centralized policies and records every session.

Does KeeperDB support multiple database types?

Yes, KeeperDB supports major database platforms, including MySQL, PostgreSQL and Microsoft SQL Server, with a consistent interface and policy model across all connections.

Are there any functional limitations compared to CLI access?

KeeperDB has full functional parity with CLI database access. Everything possible in the CLI is also supported in KeeperDB, with enhanced UI capabilities.

Does Keeper support the ability to use a native database tool?

Yes, KeeperPAM supports a "Tunnel" feature which allows users to use a locally installed database application such as MySQL Workbench. Queries are securely proxied and session recorded through the Keeper platform without having to share credentials.

Can access be restricted or limited?

Yes, administrators can grant short-lived access, enforce read-only sessions and control data movement such as exports or imports.