Keeper Security has introduced KeeperDB, a vault-embedded database access capability that enables secure, policy-controlled database interactions directly from the Keeper Vault. This new launch will officially commence at the RSA Conference 2026 next week.
KeeperDB allows developers, database administrators and security teams to handle sensitive data through a unified interface. It enables simplified workflows while upholding strict access governance.
Despite enterprise databases being among the most sensitive assets in organisations, access to it remains unregulated. These databases are often managed through desktop tools, shared credentials and network tunnels, systems in which visibility and control remain limited. The highly sensitive nature of databases makes it prone to cyber attacks and insider misuse. Fragmented tools substantially increase risk of credential exposure, data exfiltration and audit gaps while inhibiting least-privilege access.
KeeperDB widens KeeperPam with a vault-native interface that unifies database session management within the zero-trust and zero-knowledge platform. Access is governed by centralised policies and fully recorded for audit and compliance purposes.
The advantages of embedding database access directly into the vault are as follows:
- Reduces credential sprawl
- Standardises database access workflows
- Strengthens audit readiness across cloud and on-prem environments
Darren Guccione, CEO and Co-founder of Keeper Security, said: “Database access has historically been one of the most used yet least-governed areas of enterprise security. “KeeperDB brings database management into the vault – allowing organisations to apply the same zero-trust controls, visibility and auditing they rely on for privileged access – without introducing new tools, credentials or attack paths.”
KeeperDB enables users to launch database sessions directly from a database record in the Keeper Vault, with the option to connect through either a Graphical User Interface (GUI) or Command-Line Interface (CLI). Initial support includes MySQL, PostgreSQL, Oracle and Microsoft SQL Server.
In doing so, these benefits are reaped:
- Eliminate credential exposure by ensuring database credentials are never revealed to users or stored on endpoints
- Reduce data exfiltration risk through granular controls such as read-only access and governed data transfer policies
- Strengthen audit readiness with full visual session recording of database activity
- Standardise and centralise database access within the Keeper Vault, replacing fragmented tools and unmanaged workflows
- Improve usability for technical teams by providing a modern, browser-based interface without sacrificing zero-trust controls
KeeperDB will be complemented by KeeperDB Proxy should organisations continue to utilise existing database clients. Secure connection through Keeper will still be maintained, upholding centralised policy enforcement, credential protection and session visibility.
Craig Lurey, CTO and Co-founder of Keeper Security, said: “Most database access today happens through disparate tools that sit outside security controls. We built KeeperDB so teams can work the way they’re used to, but inside a zero-trust environment. It’s a simpler, safer way to manage database access that enhances productivity.”
This comes at a time where Keeper have announced various other product upgrades and integrations recently including integrations with Jira and the announcement of its quantum-resistant encryption.
