Keeper Security, a leader in zero-trust and zero-knowledge Privileged Access Management (PAM) software, unveiled the industry’s first solution to proactively defend Windows endpoints against memory-based attacks. Named Forcefield™, this kernel-level endpoint security offering protects systems from runtime memory-scraping malware and credential theft by advanced info-stealers.
The attack surface for threat actors has shifted. Rather than exploiting software vulnerabilities, adversaries increasingly target unprotected memory to harvest credentials, session tokens and other sensitive data from running applications. Forcefield closes that gap by enforcing memory-access protection directly at the kernel level raising the bar for enterprise endpoint security.
Also Read: OpenText Cybersecurity Reveals New Capabilities to Build a Trusted Foundation for AI
“Forcefield closes one of the most dangerous blind spots in endpoint security,” said Craig Lurey, CTO and Co-founder of Keeper Security. “Malware can extract sensitive information directly from a device’s memory, even at the user level where administrative privilege isn’t required. Forcefield prevents this type of exploit entirely without disrupting trusted applications or everyday workflows.”
Forcefield quietly protects your system. It blocks non-privileged, file-less, and zero-day attacks. These are threats that traditional antivirus and EDR tools often miss. It does this without compromising your system’s performance. Our lightweight kernel-mode driver helps us tell trusted processes from untrusted ones. This stops unauthorized memory access by malicious code.
Key capabilities include:
Kernel-level protection: Actively monitors and restricts memory access to protected applications.
Selective memory restriction: Blocks unauthorized processes from reading protected application memory.
Smart process validation: Differentiates between trusted and untrusted processes in real time.
Uninterrupted system performance: Runs quietly without impacting system or application performance.
Protected Windows applications include major web browsers such as Chrome, Firefox, Edge, Brave, Opera and Vivaldi; Keeper’s own products such as the Desktop App, Web Vault, Browser Extensions, Gateway, Bridge, Commander and KeeperChat; and across Windows 11 x64 and ARM64 operating systems.
The solution is designed for both individual users and enterprise deployments. Organizations can roll out Forcefield across fleets of Windows devices in minutes using existing management tools such as Group Policy, enabling consistent, scalable endpoint defense without added friction.