Skip to content

Keeper Secrets Manager Key

Service Name: Keeper Security

Service Description: Keeper Secrets Manager is a zero-knowledge, cloud-based vault for securing infrastructure secrets such as API keys, database passwords, access keys, certificates and any type of confidential data.

Service Address: https://keepersecurity.com/

Validation Type: API Auth

IP Allow list: IP restrictions can be configured at the account level through Keeper's Enterprise controls.

Secret Access Scope: Grants programmatic access to secrets stored in Keeper's vault, allowing applications to retrieve credentials, keys, and other sensitive information.

Secret Revokement URL: https://docs.keeper.io/secrets-manager/secrets-manager/secrets-manager-configuration/application-configuration

Secret Example: US:AKCp8jQcoDVtNf3kPMzzJyRJw9KoiyDQnWPGl1G4U65CT6OdPQXAMPLEKEY

Suspicious Activity Investigation Instructions:

  • Review access logs in the Keeper Admin Console for unusual access patterns
  • Check for unauthorized applications accessing the Secrets Manager
  • Monitor for unusual volume or frequency of secret retrievals
  • Verify if secrets have been accessed from unusual locations or IP addresses
  • Review audit logs for any changes to secret permissions or configurations

Mitigation Instructions:

  • Immediately revoke the compromised Secrets Manager key in the Keeper Admin

Console

  • Generate a new Secrets Manager key for legitimate applications
  • Update all applications using the old key with the newly generated key
  • Review and adjust access permissions for the affected secrets
  • Enable additional security controls such as IP restrictions if not already in place
  • Consider implementing just-in-time access for critical secrets
  • Review and update secret rotation policies to minimize exposure