Keeper Gateway 1.8.0

Overview

Keeper Gateway 1.8.0 delivers major feature enhancements across RBI, database access, KeeperAI, and Discovery, along with significant improvements in performance, stability, and overall platform reliability.

New Features:

• Remote Browser Isolation (RBI) enhancements - multi-tab support, file upload/download, right-click copy/paste/open and session persistence. Learn more.

• KeeperDB - enables secure database session management. Learn more.

• KeeperDB Proxy - enables secure, zero-trust database access by allowing users to connect to databases through native tools without requiring passwords. Learn more.

• SaaS password rotation - support for managing and rotating SaaS user credentials. Learn more.

• Discovery Rule Engine - improved automated resource discovery. Learn more.

• Discovery Speed - improved performance for large discovery jobs

• KeeperAI multi-protocol support - Now covers SSH, RDP, RBI, VNC, KeeperDB. Learn more.

• SSH Connections - Support for private key passphrase and certificate-based authentication

• Significant stability and performance upgrades

Improvements

• DR-778: Resolved OpenSSL (libcrypto) vulnerability

• DR-779: Resolved OpenSSL (libssl) vulnerability

• DR-1142: Option to force logout after session termination

• DR-1162: Support for Cisco IOS resources

• DR-1174: Service/task/IIS pool match on simple username

• DR-1179: Refactor user service mapping

• DR-1183: JIT - clean up folders when deleting a user

• DR-1185: Discovery - do not discover local users on a domain controller

• DR-1197: Discovery - speed improvements

• DR-1218: Support Checkpoint Gaia OS rotation

• PG-195: Support for certificate-based authentication

• PG-201: AI Threat Detection - terminate all active PAM sessions a resource is locked

• PG-203: Support for public_key and private_key_passphrase for SSH connections

• PG-204: Support env variable for delay between ephemeral account creation and login

• PG-214: Update cryptography to >=46.0.5 to fix CVE-2026-26007 (high severity)

• PG-217: Gateway silently drops client display dimensions (falls back to 1024x768@96dpi)

• PG-227: Slow RBI file upload speed

• PG-228: Windows performance improvements

Bug Fixes

• DR-1225: Scheduled task password rotation fails when task is in a subfolder

• PG-159: Elevation fails when adding existing users to groups/roles via Gateway

• PG-219: PAM session recording playback fails due to decryption error

• PG-223: Connection rendering issue — window size is suppressed until minimized and reopened

• PG-226: ICE restart fails with "Invalid symbol 61, offset 1" — SDP encoding mismatch between Vault and Gateway

• PG-237: No error handling for authentication failures — connections hang indefinitely on invalid credentials

• PG-245: pyguacd.exe spins at ~80% CPU indefinitely after RDP sessions complete due to orphaned ZeroMQ recording socket

• PG-246: For short sessions (<5s), session recordings are not captured

• PG-250: Domain users cannot be dynamically added to local groups during JIT elevation - injection false positive

• PG-251: Ephemeral RDP session fails on first attempt due to AD group membership propagation delay

• PG-257: Connections on Windows Gateway fail intermittently

• PG-263: AI Analysis Data Not Captured for Short Duration Sessions (<5s)

• PG-269: AI Command Analysis Dropped During Rapid Input over SSH

• PG-274: JIT doesn't apply role in MySQL protocol

Update Instructions

Please visit the Keeper Gateway documentation for your specific platform: