Terry KS Keeper Security has launched a native integration with Microsoft Sentinel, enabling organizations to stream real-time event data for faster detection of credential-based threats. The move enhances visibility and response capabilities across human and machine identities in both commercial and government environments.
SINGAPORE, 27 OCTOBER 2025 – Keeper Security, a global leader in zero-trust and zero-knowledge Privileged Access Management (PAM), has announced its native integration with Microsoft Sentinel to help organizations strengthen their defenses against credential-based attacks. The integration allows real-time Keeper event data to be streamed directly into Microsoft Sentinel’s Security Information and Event Management (SIEM) platform, giving security teams deeper insights into password use, privileged account activity, and potential security threats.
Credential-based attacks continue to be the most prevalent cybersecurity risk worldwide. The Verizon 2025 Data Breach Investigations Report highlights that compromised credentials remain the leading cause of data breaches. Keeper’s new integration provides enterprises with the visibility and intelligence needed to monitor and respond swiftly to such risks.
The integration, available to both commercial and Azure Government customers, can be deployed with a single click via the Microsoft Sentinel Content Hub. It eliminates the need for manual configuration by automatically handling secure authorization and data routing, ensuring a seamless and efficient setup process.
Importantly, the integration also monitors non-human identities such as service accounts and automated systems, which often hold privileged access but are frequently overlooked in traditional monitoring frameworks. This holistic oversight ensures organizations can identify and mitigate threats across all access points.
“With this integration, Keeper becomes a real-time signal to Microsoft Sentinel, giving security teams actionable intelligence about who is accessing what, when and where,” said Craig Lurey, CTO and Co-founder of Keeper Security. “Credential-based attacks continue to rise. We’re delivering the visibility organizations need to respond quickly and prevent breaches.”
Key benefits of the integration include unified visibility into privileged access risks, faster threat detection and response, simplified compliance reporting, customizable dashboards, and complete oversight of both human and machine credentials.
As identity-based attacks evolve, this collaboration empowers organizations to stay ahead of threats, enhance compliance, and secure their digital ecosystems with advanced, data-driven monitoring.
To activate the integration, users can visit docs.keeper.io or access it directly via the Microsoft Sentinel Content Hub.