KeeperDB introduces zero-trust database accessibility to the realm of privileged access management.
Database credentials continue to be a prevalent attack vector in enterprise breaches, yet many organizations still handle them using shared spreadsheets, hardcoded connection strings, or isolated credential vaults without monitoring sessions. Keeper Security, a Chicago-based cybersecurity firm renowned for its password management solutions, aims to address this issue with KeeperDB, a new feature integrating database access controls into its privileged access management (PAM) platform.
This product was unveiled at the RSA Conference 2026 in San Francisco, where Keeper also received 18 industry accolades across various categories, including password management, privileged access management, and zero-trust security.
What KeeperDB offers
KeeperDB introduces a vault-native interface for database access within KeeperPAM, Keeper’s comprehensive privileged access management platform. Essentially, this allows developers, database administrators, and security teams to connect to MySQL, PostgreSQL, Oracle, and Microsoft SQL Server databases directly from Keeper Vault, eliminating the need to expose credentials in plaintext or to rely on separate database management tools.
All database sessions are regulated by centralized policies, complete with session recordings for auditing and compliance needs. The concept is simple: since organizations already manage their passwords, secrets, and privileged credentials in Keeper, database access should also be integrated there, avoiding the need for an additional tool with its own credential storage.
“KeeperDB signifies a natural progression of our zero-trust architecture,” stated Darren Guccione, CEO and co-founder of Keeper Security. “By incorporating database access into the vault, we eliminate the credential sprawl that poses risks in most enterprise settings.”
Addressing credential sprawl
The issue that KeeperDB tackles is well-recognized. Database credentials in numerous organizations are dispersed across configuration files, environment variables, CI/CD pipelines, and individual developer machines. When an employee departs or a credential is compromised, locating every instance of that credential becomes a laborious task.
Traditional database access tools exacerbates the problem. Each tool keeps its own connection profiles and saved credentials, resulting in multiple copies of sensitive information outside any unified governance framework. For organizations adhering to SOC 2, HIPAA, PCI DSS, or similar compliance standards, this disorganization makes preparing for audits considerably more time-consuming.
KeeperDB centralizes database access under the same zero-knowledge encryption and policy engine that regulates passwords, SSH keys, API tokens, and remote desktop sessions in KeeperPAM. Credentials are never revealed to users in plaintext, access is granted based on role-based policies, and every query session is recorded.
Proxy mode for existing workflows
Acknowledging that many teams already have established workflows with existing database clients, Keeper is also introducing KeeperDB Proxy. This supplementary feature permits developers to continue utilizing their preferred tools (such as pgAdmin, MySQL Workbench, DBeaver, and similar clients) while routing connections through Keeper’s infrastructure. The proxy ensures centralized policy enforcement, credential protection, and session visibility without necessitating a change in existing tools.
This is a practical compromise. Encouraging database administrators to switch from long-used tools is a reliable way to create friction and hinder adoption. By providing both a native vault interface and a proxy mode, Keeper is betting that organizations will opt for the path that causes the least disruption.
An expanded PAM strategy
KeeperDB is the latest enhancement to a platform that has significantly evolved beyond its password management roots. KeeperPAM now encompasses password and passkey management, secrets management for DevOps and CI/CD pipelines, privileged session management with recording, remote browser isolation, and secure access to remote desktops and SSH via Keeper Connection Manager, along with database access.
The company aims to consolidate multiple point solutions into one comprehensive platform featuring a unified credential store and a single policy engine. For managed service providers (MSPs), Keeper introduced an upgraded 2026 partner program in February, offering tiered discounts and enhanced resources, indicating that the mid-market and channel are key growth focuses alongside direct enterprise sales.
The F1 connection
Keeper’s presence at the RSA Conference coincided with its overall visibility campaign. Now in its third season as the official cybersecurity partner of the Atlassian Williams F1 Team, Keeper launched a global advertising push in March 2026 featuring driver Alex Albon. The campaign, filmed during pre-season testing in Bahrain, draws comparisons between the real-time data protection essential in Formula 1 operations and the identity-first security model that Keeper advocates for in enterprise settings.
Williams utilizes KeeperPAM to safeguard passwords, infrastructure secrets, and privileged accounts both at its Grove headquarters and trackside, where race strategy, telemetry, and engineering systems rely on strictly controlled access to sensitive information.
Implications
The broader trend that KeeperDB illustrates is the ongoing consolidation of identity and access management tools. Organizations that previously maintained separate solutions for password management, secrets management, privileged access, remote connectivity, and database access are increasingly seeking unified platforms that simplify complexity and reduce the number of credential stores that need protection.
Keeper is not the only vendor pursuing this strategy. Companies like CyberArk, BeyondTrust, and Delinea
Other articles
The European Commission was compromised after cybercriminals tampered with the open-source security tool Trivy.
CERT-EU has linked a 92 GB data breach at the European Commission to TeamPCP, which infiltrated the Trivy security scanner in a supply chain attack. The leaked data was made public by ShinyHunters.
KeeperDB introduces zero-trust access to databases within the framework of privileged access management.
KeeperDB incorporates database access within a zero-trust PAM platform, minimizing credential sprawl while enhancing security, compliance, and visibility.
Nvidia's $2 billion wager on Marvell is not an investment; it's a revenue-generating mechanism.
Nvidia's $2 billion investment in Marvell enhances the NVLink Fusion ecosystem, guaranteeing that each custom AI chip created for hyperscalers continues to yield revenue for Nvidia per rack.
NinjaOne free trial. Try out the integrated IT operations platform.
NinjaOne provides a free trial of its integrated IT platform for managing endpoints, patching, backup, and security for distributed teams.
NinjaOne free trial. Experience the all-in-one IT operations platform.
NinjaOne provides a complimentary trial of its all-in-one IT platform designed for endpoint management, patching, backup, and security for distributed teams.
KeeperDB offers zero-trust database access for managing privileged access.
KeeperDB incorporates database access within a zero-trust PAM framework, which minimizes credential sprawl and enhances security, compliance, and visibility.
KeeperDB introduces zero-trust database accessibility to the realm of privileged access management.
KeeperDB incorporates database access into a zero-trust PAM platform, minimizing credential sprawl and enhancing security, compliance, and visibility.