Keeper Security has announced the release of new Remote Browser Isolation (RBI) capabilities within KeeperPAM, delivering major adoption and usability improvements for modern web workflows within privileged vault sessions. These enhancements address a persistent challenge in zero-trust environments: enabling secure, policy-driven access to dynamic, multi-tab web applications and file-based workflows directly within privileged sessions. With support for multi-tab browsing, secure file uploads and full JavaScript interaction, Keeper is closing the gap between security and productivity in remote, browser-based access.
Additionally, Keeper is extending its AI-powered session monitoring capabilities to additional protocols, including RBI. Powered by KeeperAI, these sessions can be continuously analysed, summarised and evaluated in real time to detect anomalous behaviour and ensure activities remain within the scope of assigned privileged tasks.
Craig Lurey, CTO and Co-founder of Keeper Security, said: “Many organisations deploy remote browser isolation selectively because traditional RBI breaks modern web workflows, forcing users to bypass controls when tasks become impractical. Keeper’s updates remove the most common challenges to ensure users have a seamless experience while enabling continuous monitoring and intelligent threat detection across every privileged session.”
KeeperPAM’s RBI ensures secure, efficient and VPN-less access to cloud-based and internal web applications directly from the Keeper Vault. By hosting browsing sessions in a controlled remote environment, RBI isolates web browsing activities from end-user devices, mitigating data exposure risks if a device is compromised. All sessions are fully integrated into Keeper’s privileged access workflows, providing centralised visibility, auditability and AI-driven risk analysis.
Remote Browser Isolation (RBI) provides a secure and controlled way for users to access web content without exposing their devices to risk. It allows safe access to non-hardened websites without the need for a VPN, while recording all web sessions to support compliance, auditing and full visibility. Organisations can limit browsing to a pre-approved list of URLs within a protected environment, and benefit from password auto-fill functionality that ensures credentials are never transmitted to the user’s device. In addition, AI-powered session monitoring via KeeperAI analyses activity in real time, generating summaries and identifying unusual or unauthorised behaviour.
Historically, RBI solutions have imposed significant usability constraints, limiting adoption and driving some users to bypass controls when workflows become too restrictive. The latest update of RBI enhancements within KeeperPAM directly addresses these challenges.
Multi-tab support inside RBI sessions allows users to open and navigate multiple tabs and windows within a single isolated browser session. This enables seamless interaction with modern web applications, including workflows that rely on pop-ups, redirects and Single Sign-On (SSO), without restarting sessions or breaking isolation boundaries.
Native JavaScript alerts, prompts and confirmation dialogs are now fully supported within RBI, ensuring web applications behave as expected. Users can also suppress excessive or malicious alert loops, maintaining control when web pages malfunction or behave unexpectedly.
All activity within these sessions is continuously monitored by KeeperAI, enabling security teams to validate that user actions align with intended workflows and detect potential misuse in real time. Together, these enhancements enable organisations to deploy RBI more broadly across business-critical web access scenarios, reducing friction while maintaining strict isolation from endpoint devices.
KeeperPAM introduces administrator-controlled file uploads through Remote Browser Isolation, addressing another common limitation that has historically forced users to step outside protected environments.
When explicitly enabled by administrators, users can upload files to permitted websites directly within an isolated session, supporting workflows such as document submissions, video uploads and web-based collaboration. File uploads are disabled by default and must be intentionally authorised per connection, reinforcing Keeper’s least-privilege security model.
This capability is particularly valuable for organisations that need to securely access high-risk or externally hosted web platforms while preventing malware exposure, data leakage or credential compromise on local endpoints.
Remote Browser Isolation is fully integrated within KeeperPAM, Keeper’s cloud-native privileged access management platform, and can also be deployed as a self-hosted, on-premises solution. Built by the original creators of Apache Guacamole, Keeper’s session management technology delivers fast, agentless access to infrastructure, web applications and isolated browsing sessions with full session recording and zero-knowledge encryption.
By advancing remote browser isolation to support the needs of users, Keeper continues to demonstrate that strong security controls do not need to come at the expense of usability or productivity. As zero-trust architectures mature, security controls must support real-world workflows instead of forcing exceptions.
These RBI enhancements will be available within KeeperPAM through Gateway 2.24 and Keeper Vault 17.6 in the coming weeks.
