Home > News > featured news > Keeper Security Launches Multi-Cloud Password Rotation, Enabling Organizations to Update Privileged Credentials Automatically

Platform Security, Software Security, Cloud Security

Keeper Security Launches Multi-Cloud Password Rotation, Enabling Organizations to Update Privileged Credentials Automatically

Prnewswire | May 25, 2023 | Read time : 05:00 min

Keeper Security Launches Multi-Cloud Password Rotation

Keeper Security, the leading provider of cloud-based zero-trust and zero-knowledge cybersecurity software protecting passwords, secrets, connections and privileged access, today announced the launch of password rotation, a new feature that allows organizations to securely rotate service accounts and other privileged credentials on-demand or on an automated schedule. Keeper's new password rotation capability enables organizations to automate the changing and resetting of system credentials including Active Directory service accounts, Azure AD accounts, AWS IAM accounts, SSH keys, database passwords, Windows local users, Linux users, Mac users and more.

Password rotation is the latest enhancement to Keeper's next-generation Privileged Access Management (PAM) solution. Recognized as the 2023 Gold Winner by the Cybersecurity Excellence Awards and named Most Comprehensive PAM Solution by the Global Infosec Awards, KeeperPAM is revolutionizing privileged access management by providing comprehensive PAM capabilities including enterprise-grade password, secrets and connection management in one unified platform. With the addition of automated password rotation, KeeperPAM's capabilities continue to grow.

KeeperPAM was designed to address the cybersecurity industry's growing demand for modern solutions that are cost-effective, easy to implement and engaging for end users. Keeper's recent Privileged Access Management Survey: User Insights on Cost & Complexity revealed that more than half of all IT and security leaders (56%) have tried to deploy a traditional PAM solution but never fully implemented it. Of those, a staggering 92% said it was because the solution was too complex.

Unlike traditional PAM solutions, Keeper's Password Rotation architecture is managed through the cloud-based vault and admin console interface, with a lightweight component that's installed in the customer's cloud and on-prem environment, called the Keeper Gateway service. The Gateway service and Keeper's new multi-cloud routing infrastructure does not require security teams to make any firewall changes, and it uses native protocols for implementing rotation.

"Administrative passwords must be updated regularly and automatically to reduce the risk of password-based breaches and cyberattacks. Traditional PAM tools with password rotation capabilities are often expensive and difficult to deploy," said Craig Lurey, CTO and co-founder of Keeper Security. "This leaves organizations that cannot afford or have never fully deployed those solutions vulnerable. We are excited to help minimize this risk with an affordable, modern and elegant solution that protects every user and every device in an organization."

Password rotation enables customers to:

  • Automatically rotate credentials for machines, service accounts and user accounts across their infrastructure, and schedule rotations to occur at any time or on-demand.
  • Perform post-rotation actions such as restarting services or running other applications as needed.
  • Securely store all credentials in the Keeper Vault, and control and audit access to credentials.
  • Log all actions to Keeper's Advanced Reporting and Alerts Module (ARAM) and third party SIEM providers.
  • Create compliance reporting on shared privileged accounts.

Password Rotation through KeeperPAM is available through the web vault, desktop app for Windows/Mac/Linux and the admin console. The feature enables admins to seamlessly manage rotation for users and records, create gateways, configure cloud environments and enforce least-privilege access. Password Rotation as part of KeeperPAM supports Keeper's zero-knowledge, zero-trust architecture, which always encrypts and decrypts data at the local device level.

About Keeper Security

Keeper Security is transforming cybersecurity for organizations around the world with next-generation privileged access management. Keeper's zero-trust and zero-knowledge cybersecurity solutions are FedRAMP and StateRAMP Authorized, FIPS 140-2 validated, as well as SOC 2 and ISO 27001 certified. Keeper deploys in minutes, not months, and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance. Trusted by thousands of organizations to protect every user on every device, Keeper is the industry leader for best-in-class password management, secrets management, privileged access, secure remote access and encrypted messaging. Learn more at KeeperSecurity.com.

Spotlight

Disrupt Counterfeit Threats

Counterfeit threats, such as fraudulent ads and look-alike domains, are on the rise especially with the expansion of e-commerce and online consumer-to-business interaction. However, the collection and mitigation of counterfeit activity can be complicated. Prioritizing relationships with platforms and providers along with collect

More featured news

Spotlight

Disrupt Counterfeit Threats

Counterfeit threats, such as fraudulent ads and look-alike domains, are on the rise especially with the expansion of e-commerce and online consumer-to-business interaction. However, the collection and mitigation of counterfeit activity can be complicated. Prioritizing relationships with platforms and providers along with collect

Related News

Enterprise Security, Platform Security, Software Security

Kivu Launches New Managed Security Services for Cloud and Identity Threat Detection and Response

PR Newswire | August 18, 2023

Kivu Consulting, a premier global cybersecurity solutions provider, is proud to introduce two new managed security services: Cloud Detection and Response and Identity Threat Detection and Response. Powered by CrowdStrike, as part of Kivu and CrowdStrike's elite MSSP partnership, these innovative services are designed to equip clients with new capabilities to address the expanding technology attack surface and continued targeting of digital identities by cyber threats. Cloud Detection and Response: Kivu's Cloud Detection and Response service is a fully managed solution engineered to support cloud and hybrid environments. Key features include: Identification and alerts for cloud accounts, infrastructure misconfigurations, and compliance violations. Detection and prevention of cloud account and control plane threats. Resolution of vulnerabilities and misconfigurations in Cloud workload. Runtime detection and response for container and function-based applications. Identity Threat Detection and Response: Kivu's Identity Threat Detection and Response service integrates seamlessly with Active Directory and cloud-based identity stores to provide: Real-time threat detection using AI-based behavioral analytics for actionable insights. Early identification of threats before systems and data are impacted. Identity scoring and enforcement of robust authentication for risk-based remediation. Implementation of Zero Trust Principles. "As a leading incident response firm, we are observing daily how the threat landscape changes. Remote work has surged post-pandemic, the cloud has become a predominant IT delivery model, and zero trust is a priority," said Gary Alterson, Vice President of Kivu's Managed Security Services. "Our Cloud and identity managed services address modern threats and ensure we are providing the best possible security outcomes for our clients." "The steady increase in compromised credentials magnifies the importance of identity threat protection, and Kivu is determined to address this critical client need," said Shane Sims, CEO of Kivu Consulting. "With the launch of our expanded managed security services, Kivu continues to lead in providing trusted solutions to our clients and cybersecurity ecosystem partners." About Kivu Consulting Kivu is a leading global cybersecurity firm that offers a full suite of pre- and post-incident services, specializing in the forensic response to cyberattacks and ransomware incidents. We deliver cutting-edge cybersecurity solutions to organizations in need and are a trusted cyber incident partner to insurance carriers and law firms worldwide. Visit KivuConsulting.com.

Read More

Platform Security, Software Security, Cloud Security

Uptycs Continues Momentum in Helping Customers Achieve Security Operations Excellence with AWS

Globenewswire | July 28, 2023

Uptycs, provider of the first unified CNAPP and XDR platform, today announced it’s now part of the Amazon Web Services (AWS) Public Sector Partner (PSP) Program. The AWS PSP Program helps AWS Partners grow their public sector business through alignment with AWS public sector sales, marketing, funding, capture, and proposal terms. “We are delighted to be working with AWS to solve customers’ cloud security challenges, increase security operations efficiency, and protect developer environments as they move code from their workspaces into AWS production environments,” said Ganesh Pai, CEO and co-founder of Uptycs. Uptycs has built an integration with AWS Control Tower, which simplifies AWS experiences by orchestrating multiple AWS services on a customer’s behalf while maintaining the security and compliance needs of their organization. Leveraging the workflow with AWS Control Tower, Uptycs' deep integration with AWS Systems Manager allows organizations to achieve comprehensive security controls while reducing operational overhead in their Uptycs deployment. “Many organizations, especially in the public sector, are looking for ways to cost-effectively scale their cloud security program. Our integration with AWS Control Tower and AWS Systems Manager, along with our more unified shift up approach, delivers a more efficient way to improve customers’ security posture across cloud environments,” Pai said. Additionally, Uptycs also recently announced the achievement of AWS Security Competency Status, and an integration with the Amazon Security Lake. “Our model is proven to better support cybersecurity teams thanks to what we’ve already achieved for our public sector customers, as well as enterprise and commercial organizations,” Pai said. “Now, we’re even better at helping our customers reduce operational burden, and strengthen their threat detection, remediation, and forensic capabilities.” About Uptycs Uptycs, the first unified CNAPP and XDR platform, reduces risk by prioritizing responses to threats, vulnerabilities, misconfigurations, sensitive data exposure, and compliance mandates across clouds, containers, servers, and endpoints—all from a single UI. This includes the ability to tie together threat activity as it traverses on-prem and cloud boundaries, thus delivering a more cohesive enterprise-wide security posture. Get started with agentless coverage, then add runtime protection, and advanced remediation and forensics.

Read More

Platform Security, Software Security, Cloud Security

Legit Security Announces Integration with CrowdStrike to Bring Application Security Posture Management to Customers

PR Newswire | August 02, 2023

Legit Security, a cyber security company with an enterprise Application Security Posture Management platform that secures application delivery and protects an organization's software supply chain from attack, today announced a partnership with CrowdStrike, a global leader in cloud-delivered protection of endpoints, cloud workloads, identity and data protection. With this partnership, Legit Security integrates with the CrowdStrike Falcon® platform to provide extended application security, auto-discovery, and vulnerability management. Leveraging the two solutions, customers can automatically trace cloud application vulnerabilities back to their code origin and more rapidly prioritize and remediate security issues leveraging deep application context. With the need for frequent software releases, DevOps and modern CI/CD pipelines have left security teams struggling to secure their cloud applications in the face of increasing threats. Within these constantly changing development environments, legacy security approaches fall short with high levels of noise and alerts, making it difficult to quickly prioritize cloud application vulnerabilities and identify the root cause. Compounding the challenge, organizations lack real-time application security posture management across their CI/CD pipelines and pre-production development environments as software supply chain attacks continue to grow dramatically. With Legit Security's integration with the Crowdstrike Falcon® platform, security teams can quickly see where vulnerabilities discovered in production applications originated, and where vulnerabilities discovered in code get deployed. Legit Security ingests security data across cloud workloads from the CrowdStrike Falcon platform to identify and trace the source of vulnerabilities and accelerate triage and prioritization of issues based on context and severity. "Cloud application security is a top priority, however enterprises need to balance security with an ability to improve productivity and do more with less," said Roni Fuchs, CEO and co-founder, Legit Security. "Instantly tracing cloud application security vulnerabilities back to their source with full context regarding the application, its software supply chain, and code origination can dramatically improve remediation time and productivity for both security and development teams. Now listed in the CrowdStrike Store, Legit Security's offering allows customers to easily find information on our integration to ultimately gain dramatic improvements in risk scoring, security issue classification and prioritization, and get the most out of their valuable security resources." About Legit Security Legit Security provides application security posture management platform that secures application delivery from code to cloud and protects an organization's software supply chain from attack. The platform's unified application security control plane and automated SDLC discovery and analysis capabilities provide visibility and security control over rapidly changing environments and allow security issues to be prioritized based on context and business criticality to improve security team efficiency and effectiveness.

Read More

Enterprise Security, Platform Security, Software Security

Kivu Launches New Managed Security Services for Cloud and Identity Threat Detection and Response

PR Newswire | August 18, 2023

Kivu Consulting, a premier global cybersecurity solutions provider, is proud to introduce two new managed security services: Cloud Detection and Response and Identity Threat Detection and Response. Powered by CrowdStrike, as part of Kivu and CrowdStrike's elite MSSP partnership, these innovative services are designed to equip clients with new capabilities to address the expanding technology attack surface and continued targeting of digital identities by cyber threats. Cloud Detection and Response: Kivu's Cloud Detection and Response service is a fully managed solution engineered to support cloud and hybrid environments. Key features include: Identification and alerts for cloud accounts, infrastructure misconfigurations, and compliance violations. Detection and prevention of cloud account and control plane threats. Resolution of vulnerabilities and misconfigurations in Cloud workload. Runtime detection and response for container and function-based applications. Identity Threat Detection and Response: Kivu's Identity Threat Detection and Response service integrates seamlessly with Active Directory and cloud-based identity stores to provide: Real-time threat detection using AI-based behavioral analytics for actionable insights. Early identification of threats before systems and data are impacted. Identity scoring and enforcement of robust authentication for risk-based remediation. Implementation of Zero Trust Principles. "As a leading incident response firm, we are observing daily how the threat landscape changes. Remote work has surged post-pandemic, the cloud has become a predominant IT delivery model, and zero trust is a priority," said Gary Alterson, Vice President of Kivu's Managed Security Services. "Our Cloud and identity managed services address modern threats and ensure we are providing the best possible security outcomes for our clients." "The steady increase in compromised credentials magnifies the importance of identity threat protection, and Kivu is determined to address this critical client need," said Shane Sims, CEO of Kivu Consulting. "With the launch of our expanded managed security services, Kivu continues to lead in providing trusted solutions to our clients and cybersecurity ecosystem partners." About Kivu Consulting Kivu is a leading global cybersecurity firm that offers a full suite of pre- and post-incident services, specializing in the forensic response to cyberattacks and ransomware incidents. We deliver cutting-edge cybersecurity solutions to organizations in need and are a trusted cyber incident partner to insurance carriers and law firms worldwide. Visit KivuConsulting.com.

Read More

Platform Security, Software Security, Cloud Security

Uptycs Continues Momentum in Helping Customers Achieve Security Operations Excellence with AWS

Globenewswire | July 28, 2023

Uptycs, provider of the first unified CNAPP and XDR platform, today announced it’s now part of the Amazon Web Services (AWS) Public Sector Partner (PSP) Program. The AWS PSP Program helps AWS Partners grow their public sector business through alignment with AWS public sector sales, marketing, funding, capture, and proposal terms. “We are delighted to be working with AWS to solve customers’ cloud security challenges, increase security operations efficiency, and protect developer environments as they move code from their workspaces into AWS production environments,” said Ganesh Pai, CEO and co-founder of Uptycs. Uptycs has built an integration with AWS Control Tower, which simplifies AWS experiences by orchestrating multiple AWS services on a customer’s behalf while maintaining the security and compliance needs of their organization. Leveraging the workflow with AWS Control Tower, Uptycs' deep integration with AWS Systems Manager allows organizations to achieve comprehensive security controls while reducing operational overhead in their Uptycs deployment. “Many organizations, especially in the public sector, are looking for ways to cost-effectively scale their cloud security program. Our integration with AWS Control Tower and AWS Systems Manager, along with our more unified shift up approach, delivers a more efficient way to improve customers’ security posture across cloud environments,” Pai said. Additionally, Uptycs also recently announced the achievement of AWS Security Competency Status, and an integration with the Amazon Security Lake. “Our model is proven to better support cybersecurity teams thanks to what we’ve already achieved for our public sector customers, as well as enterprise and commercial organizations,” Pai said. “Now, we’re even better at helping our customers reduce operational burden, and strengthen their threat detection, remediation, and forensic capabilities.” About Uptycs Uptycs, the first unified CNAPP and XDR platform, reduces risk by prioritizing responses to threats, vulnerabilities, misconfigurations, sensitive data exposure, and compliance mandates across clouds, containers, servers, and endpoints—all from a single UI. This includes the ability to tie together threat activity as it traverses on-prem and cloud boundaries, thus delivering a more cohesive enterprise-wide security posture. Get started with agentless coverage, then add runtime protection, and advanced remediation and forensics.

Read More

Platform Security, Software Security, Cloud Security

Legit Security Announces Integration with CrowdStrike to Bring Application Security Posture Management to Customers

PR Newswire | August 02, 2023

Legit Security, a cyber security company with an enterprise Application Security Posture Management platform that secures application delivery and protects an organization's software supply chain from attack, today announced a partnership with CrowdStrike, a global leader in cloud-delivered protection of endpoints, cloud workloads, identity and data protection. With this partnership, Legit Security integrates with the CrowdStrike Falcon® platform to provide extended application security, auto-discovery, and vulnerability management. Leveraging the two solutions, customers can automatically trace cloud application vulnerabilities back to their code origin and more rapidly prioritize and remediate security issues leveraging deep application context. With the need for frequent software releases, DevOps and modern CI/CD pipelines have left security teams struggling to secure their cloud applications in the face of increasing threats. Within these constantly changing development environments, legacy security approaches fall short with high levels of noise and alerts, making it difficult to quickly prioritize cloud application vulnerabilities and identify the root cause. Compounding the challenge, organizations lack real-time application security posture management across their CI/CD pipelines and pre-production development environments as software supply chain attacks continue to grow dramatically. With Legit Security's integration with the Crowdstrike Falcon® platform, security teams can quickly see where vulnerabilities discovered in production applications originated, and where vulnerabilities discovered in code get deployed. Legit Security ingests security data across cloud workloads from the CrowdStrike Falcon platform to identify and trace the source of vulnerabilities and accelerate triage and prioritization of issues based on context and severity. "Cloud application security is a top priority, however enterprises need to balance security with an ability to improve productivity and do more with less," said Roni Fuchs, CEO and co-founder, Legit Security. "Instantly tracing cloud application security vulnerabilities back to their source with full context regarding the application, its software supply chain, and code origination can dramatically improve remediation time and productivity for both security and development teams. Now listed in the CrowdStrike Store, Legit Security's offering allows customers to easily find information on our integration to ultimately gain dramatic improvements in risk scoring, security issue classification and prioritization, and get the most out of their valuable security resources." About Legit Security Legit Security provides application security posture management platform that secures application delivery from code to cloud and protects an organization's software supply chain from attack. The platform's unified application security control plane and automated SDLC discovery and analysis capabilities provide visibility and security control over rapidly changing environments and allow security issues to be prioritized based on context and business criticality to improve security team efficiency and effectiveness.

Read More

More featured news