*Bluechip IT New Zealand has been a proud Keeper Security distributor for over two years. To learn more about Keeper, contact us at keeper@bluechipit.co.nz
In today’s threat landscape, traditional cybersecurity measures are no longer enough. Attackers are constantly evolving, and one of their most dangerous, yet often overlooked, targets is device memory.
That’s why the recent announcement from Keeper Security Inc. about the launch of Keeper Forcefield is a significant development that you, as a Reseller or Managed Service Provider (MSP), need to bring to your end-users’ attention.
💡 The Growing Threat: Why Memory Protection is Crucial
The core problem Forcefield addresses is the rise of sophisticated, memory-based attacks.
Attackers are increasingly bypassing standard defences such as antivirus and firewalls by targeting unprotected memory. Think of it this way: traditional security guards the doors and windows (network traffic and files), but once a malicious process gets inside the house (on the endpoint), it can freely steal sensitive data right off the kitchen table (application memory).
New generations of malicious software, often delivered through convincing phishing attacks, can:
- Scrape Runtime Memory: Extract passwords, session tokens, and other critical data directly from applications like web browsers and productivity tools.
- Execute Filelessly: Operate entirely in memory, leaving virtually no file-based traces for conventional endpoint detection and response (EDR) tools to find.
- Circumvent Encryption: Once data is decrypted for use in an application’s memory, attackers can snatch it, rendering traditional encryption useless at that critical point.
Co-founder and Chief Technology Officer Craig Lurey highlight this danger: “Malware can extract sensitive information directly from a device’s memory, even at the user level where administrative privilege isn’t required. Forcefield prevents this type of exploit entirely…”
🛡️ Introducing Keeper Forcefield: Kernel-Level Defense
Keeper Forcefield is Keeper’s new service designed to lock down this critical security blind spot-on Windows devices.
What makes it different?
1. Kernel-Level Security: Forcefield operates at the deepest level of the operating system-the kernel. This allows it to proactively monitor and control access to protected application memory in real time.
2. Dual-Level Protection: Keeper claims it’s the first solution to deliver real-time memory protection at both the user and kernel levels, significantly raising the standard for endpoint security.
3. Performance Without Compromise: Unlike conventional EDR or older antivirus tools that can slow systems down, Forcefield enforces real-time memory protection capable of blocking nonprivileged, fileless, and zero-day attacks without degrading system performance.
In essence, Forcefield acts as a highly specialised, invisible guard, ensuring that only authorised processes can interact with sensitive data stored in application memory. This closes the gap by locking down memory access and preventing credential theft from notorious threats like infostealers and runtime memory-scraping malware.
🤝 How This Helps You (The Reseller/MSP) and Your Clients
Keeper Forcefield is a powerful value-add that can significantly enhance the security posture you offer your clients, boosting your value proposition.
Forcefield is available for both individual users and enterprise environments, ensuring you have a solution for clients of all sizes running on Windows 11 (x64 and ARM64).
Protecting the unencrypted data in memory is no longer optional; it’s a fundamental requirement. By integrating Keeper Forcefield into your offering, you are ensuring your clients’ most sensitive data is shielded from the most insidious modern threats.
