Keeper is excited to announce two significant updates to our iOS app: support for USB-C plug-in hardware security keys and a new Two-Factor Authentication (2FA) frequency setting. These updates reflect our commitment to providing industry-leading security solutions while ensuring a seamless user experience. Continue reading to learn more about these updates and how you can try them out yourself.

As a former federal CISO who has spent decades designing and securing enterprise infrastructure, I’ve grown increasingly concerned as organizations continue to rely on legacy Privileged Access Management (PAM) solutions designed for a different era. These systems, once the gold standard in security, have become dangerous liabilities in today’s modern cloud-native world.

Your organization shouldn’t delay getting a password manager because using a password manager provides visibility into employee password habits, strengthens secure password practices, protects employees from spoofed websites and minimizes the risk of data breaches. A password manager is a solution that helps your employees store, manage and share their login credentials, passkeys, important documents and more.

The main difference between Remote Browser Isolation (RBI) and Virtual Desktop Infrastructure (VDI) is that RBI is limited to providing remote access only to your web browser, while VDI focuses on providing remote access to an entire virtual desktop. Both RBI and VDI protect you from cyber threats by creating separate, secure environments where you can browse the internet and use your device.

As organizations sell to more discerning buyers, scrutiny on security and compliance practices grows. It’s certainly warranted—the frequency of third-party breaches is on the rise. In our State of Trust Report, almost half of all organizations surveyed say that a vendor of theirs experienced a data breach since they started working together. ‍

We’re excited to share some big news: 1Password is officially joining the Rails Foundation!

BYOVD involves adversaries writing to disk and loading a legitimate, but vulnerable, driver to access the kernel of an operating system. This allows them to evade detection mechanisms and manipulate the system at a deep level, often bypassing protections like EDR. For the exploitation to succeed, attackers must first ensure the driver is brought on the target system. This is followed by the initiation of a privileged process to load the driver, setting the stage for further malicious activities.

Identity is the new battleground in today’s rapidly evolving cyber threat landscape. Microsoft Active Directory (AD), a cornerstone of enterprise identity management, is a frequent target for attackers. For organizations, protecting these critical environments without adding complexity is essential. Many organizations struggle to get full visibility into changes made within Active Directory.

Mobile app security testing tools are like a unified command center for enterprise organizations. They automate the detection of potential threats, standardize testing protocols across agencies, help prioritize risks, and enable rapid response to the most critical threats. If your organization has several mobile applications developed by multiple third-party vendors, fragmented security oversight and inconsistencies in app development must be commonly observed.

The intersection of IoT (Internet of Things) and OT (Operational Technology) in healthcare has become a focal point in securing critical infrastructure. With the industry accounting for 9% of global GDP and integrating thousands of devices, from bedside monitors to surgical robots, the stakes couldn’t be higher. The journey from isolated systems to hyper-connected healthcare environments has unlocked unparalleled efficiency and innovation. Yet, it has also introduced unprecedented security risks.