Keeper Security, the leading cybersecurity provider of zero-trust and zero-knowledge Privileged Access Management (PAM) software protecting passwords and passkeys, privileged accounts, secrets and remote connections, has officially announced the launch of KeeperAI, which happens to be a new agentic AI feature for its KeeperPAM® platform.
According to certain reports, KeeperAI arrives on the scene bearing an ability to support real-time session monitoring and analysis, automated threat classification, as instant response.
To understand the significance of such a development, we must take into account how insider threats, privilege misuse, and advanced persistent threats have presented a challenge for security teams time and time again. Now, in the face of such s massive risk, traditional manual session reviews and rule-based alerts have unsurprisingly failed to keep up.
Filling up that very void, KeeperAI brings forth a facility for continuous monitoring of privileged sessions, automatic risk classification, and session summaries, along with configurable responses that can terminate sessions or trigger alerts when suspicious and malicious behavior is detected.
Not just that, as a sovereign AI product, each organization using KeeperAI also enjoys full ownership and control over the data it uses and generates.
“The reality is that cyber threats are no longer just a question of if, but when and how quickly you respond,” said Craig Lurey, CTO and Co-founder of Keeper Security. “KeeperAI’s agentic capabilities allow you to automatically monitor, identify and mitigate threats in real time, shutting down high-risk sessions, unauthorized access or improper account elevations.”
Talk about the whole value proposition on a slightly deeper level, we begin from the promise of automated session analysis. This translates to how you can seamlessly analyze session metadata, keystroke logs, and command execution logs to detect unusual behavior.
Next up, there is potential for threat classification. Here, KeeperAI makes a point to automatically categorize detected threats before assigning specific risk levels.
More on that would reveal how the technology will categorize commands into specific threat risk levels, including Critical to High, Medium and Low. Once KeeperAI is enabled, administrators can get down to customizing the risk level classification and policy on detection, giving admins the ability to define rule-based policies for specific command patterns.
The solution further makes it possible for customers to integrate with major LLM providers such as AWS Bedrock, Anthropic, Google Gemini and OpenAI. Complementing that would be the availability of uninterrupted support for compatible cloud and on-premises deployments without vendor lock-in.
Another detail worth a mention is rooted in the prospect of session termination, something which should really go the distance to trigger automatic session termination based on designated threat classification.
Hold on, we still have a few bits left to unpack, considering we haven’t yet touched upon how you can access customizable configuration. Hence, one may seamlessly adjust parameters and detection rules to go with their environment. We also haven’t touched upon a particular feature that allows you to search across sessions to locate specific keywords or activity.
Rounding up highlights would be the potential for flexible deployment, as KeeperAI can very well support both third-party, cloud-based, and on-premises LLM inference.
Among other things, it ought to be acknowledged that KeeperAI currently supports SSH-based sessions, with plans to operate with RDP, VNC, RBI and database protocols already in place.
All risk assessments and incident data also feed directly into the Keeper Vault UI, enabling teams to investigate incidents, maintain compliance and integrate with Security Information and Event Management (SIEM), as well as Security Operations Center (SOC) tools, through Keeper’s Advanced Reporting and Alerts Module (ARAM).
“Security teams shouldn’t have to waste hours reviewing logs or manually shutting down risky sessions,” said Jeremy London, Director of Engineering, AI and Threat Analytics at Keeper Security. “That’s why we built KeeperAI as an agentic AI system – it doesn’t just detect anomalies, it actively monitors and takes action on them in real time. With controls and parameters configured by humans, KeeperAI independently terminates high-risk sessions and enforces security policies instantly. This eliminates alert fatigue, accelerates response times to seconds and allows teams to focus on strategy instead of firefighting.”
